30–31 Jul 2022
Sheraton Philadelphia Downtown
US/Eastern timezone

Cache Poisoning Protection for Authoritative Queries

30 Jul 2022, 14:00
25m
Liberty D (Sheraton Philadelphia Downtown)

Liberty D

Sheraton Philadelphia Downtown

201 North 17th Street Philadelphia PA 19103 United States
Standard Presentation Main Session OARC 38 Day 1

Speaker

Puneet Sood (Google)

Description

We discuss standard and non-standard mechanisms for protecting DNS queries against cache poisoning attacks between resolvers and name servers. The techniques covered include DNS cookies, 0x20 bit munging, nonce prefixes and DNS over TLS/QUIC. We present data from implementing these techniques in Google Public DNS and some interesting behaviors observed during the implementation.

The talk builds on the material covered at
https://developers.google.com/speed/public-dns/docs/security.

Presentation delivery In-person at the workshop venue

Primary authors

Puneet Sood (Google) Mr Tianhao Chi (Google)

Presentation materials