Quantum computing is threatening current cryptography, especially the asymmetric algorithms used in many Internet protocols. More secure algorithms, colloquially referred to as Post-Quantum Cryptography (PQC), are under active development. These new algorithms differ significantly from current ones. They can have larger signatures or keys, and often require more computational power. This means we cannot just replace existing algorithms in DNSSEC by PQC alternatives, but need to evaluate if they meet its requirements.
In this presentation we analyze the impact of PQC on the Domain Name System and its Security Extensions. We give an introduction to PQC and then evaluate current candidate PQC signature algorithms in the third round of the NIST competition on their suitability for use in DNSSEC.