February 17, 2022
Marriott Austin Downtown
UTC timezone

Post-Quantum DNSSEC: FALCON Signatures in PowerDNS

Feb 17, 2022, 5:35 PM
Marriott Austin Downtown

Marriott Austin Downtown

304 East Cesar Chavez Street, Austin, Texas 78701 USA
Standard Presentation Main Session OARC 37 Day 1


Nils Wisiol (deSEC e.V.)


We present the first implementation of post-quantum DNSSEC. As a prototype, we extended PowerDNS authoritative DNS server and recursor to sign, serve, and validate DNSSEC-signatures based on the FALCON signature scheme.

A high-level overview of the implementation work, which is based on a modification of the OpenSSL post-quantum fork, will be given, and statistics on performance and packet sizes of our test-bench setup are presented. Finally, we consider arguments around the necessity of post-quantum signatures in DNSSEC in general.

Presentation delivery Remotely (online)

Primary authors

Nils Wisiol (deSEC e.V.) Matthieu Grillere (Technische Universität Berlin) Dr Peter Thomassen (Secure Systems Engineering)

Presentation materials