Description
We have conducted a field study on post-quantum DNSSEC, involving RIPE ATLAS measurements with around 10,000 probes. Using implementations of PQC signing schemes (Falcon, Dilithium, SPHINCS+, XMSS) in both BIND and PowerDNS, we investigated DNS response success and failure rates as a function of the signing scheme and other parameters.
In addition to the above algorithms, we present, for the first time, results on a new class of DNSSEC signatures that uses Merkle trees to reduce signature sizes. Besides measurement results, we'll provide context on our implementation approach.
We find that, depending on circumstances, a significant fraction of clients choke. Failure rates are mainly a function of response packet size, which in turn is determined by parameters such as DNSSEC configuration (KSK/ZSK vs. CSK, NSEC vs. NSEC3, or compact DoE) and DO bit presence, with some variation depending on transport. This is qualitatively in line with the "educated guess", but adds quantitative detail. We also find surprising results, such as a number of resolvers claiming to have validated PQC signatures, even though it is implausible for resolvers to support these algorithms.
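To make the size relationship concrete, here is an added back-of-the-envelope estimator (not code from the study, BIND or PowerDNS) for DNSKEY, positive and NXDOMAIN response sizes under the configurations the abstract names: KSK/ZSK vs. CSK, NSEC vs. NSEC3 vs. compact DoE, and DO bit on or off. The key and signature sizes are nominal values for the smallest standard parameter set of each scheme (Falcon-512, Dilithium2, SPHINCS+-SHA2-128s, XMSS-SHA2_10_256); the abstract does not say which parameter sets were measured, so those, the zone name `example.`, the record-count model for denial of existence, and the 1232-byte threshold are all assumptions of this example.

```python
"""Estimate DNSSEC response wire sizes per signing scheme and configuration.

Added example, not from the study. Sizes are nominal for the smallest standard
parameter set of each scheme (assumed; the abstract does not name them).
"""

# (public key bytes, signature bytes) -- assumed parameter sets
KEY_SIZES = {
    "ECDSAP256SHA256": (64, 64),
    "RSASHA256-2048": (260, 256),       # 1-byte exponent length + 3-byte exponent + modulus
    "Falcon-512": (897, 666),           # nominal; Falcon signatures vary slightly in length
    "Dilithium2": (1312, 2420),
    "SPHINCS+-SHA2-128s": (32, 7856),
    "XMSS-SHA2_10_256": (68, 2500),     # OID + root + seed; signature per RFC 8391
}

EDNS_BUFSIZE = 1232   # DNS Flag Day 2020 default; larger answers get truncated and fall back to TCP

ZONE = "example."            # constructed zone name
ZONE_WIRE = len(ZONE) + 1    # length byte + 7 label bytes + terminating zero = 9 bytes

HEADER = 12
QUESTION = ZONE_WIRE + 4                   # QNAME + QTYPE + QCLASS
OPT_RR = 11                                # empty EDNS0 OPT record
RR_FIXED = 10                              # compressed owner (2) + TYPE + CLASS + TTL + RDLENGTH
RRSIG_FIXED = RR_FIXED + 18 + ZONE_WIRE    # fixed RDATA fields + uncompressed signer name
SOA_RR = RR_FIXED + 2 * ZONE_WIRE + 20     # MNAME, RNAME, five 32-bit fields

# Worst-case NXDOMAIN shapes: (denial records, bytes per record, RRSIGs incl. SOA's)
DENIAL_SHAPES = {
    "nsec":    (2, 25, 3),   # NSEC covering qname + NSEC covering wildcard
    "nsec3":   (3, 42, 4),   # closest encloser + next closer + wildcard NSEC3
    "compact": (1, 25, 2),   # one synthesized NSEC (compact denial of existence)
}


def rrsig_size(alg):
    return RRSIG_FIXED + KEY_SIZES[alg][1]


def dnskey_rr_size(alg):
    return RR_FIXED + 4 + KEY_SIZES[alg][0]   # flags + protocol + algorithm + key


def dnskey_response_size(alg, split_keys=True):
    """DNSKEY answer: all keys plus one RRSIG (assumed: KSK alone signs the set)."""
    nkeys = 2 if split_keys else 1            # KSK/ZSK vs. CSK
    return HEADER + QUESTION + OPT_RR + nkeys * dnskey_rr_size(alg) + rrsig_size(alg)


def a_response_size(alg, do_bit=True):
    """Positive A answer; without the DO bit the RRSIG is not returned."""
    size = HEADER + QUESTION + OPT_RR + RR_FIXED + 4
    return size + rrsig_size(alg) if do_bit else size


def nxdomain_response_size(alg, denial="nsec"):
    """NXDOMAIN answer: SOA + denial records, each RRset signed once."""
    n_records, per_record, n_sigs = DENIAL_SHAPES[denial]
    return HEADER + QUESTION + OPT_RR + SOA_RR + n_records * per_record + n_sigs * rrsig_size(alg)


def exceeds_udp(size):
    return size > EDNS_BUFSIZE


def report(alg):
    """All modelled response sizes for one scheme, as a dict."""
    return {
        "dnskey_ksk_zsk": dnskey_response_size(alg, split_keys=True),
        "dnskey_csk": dnskey_response_size(alg, split_keys=False),
        "a_with_do": a_response_size(alg, do_bit=True),
        "a_without_do": a_response_size(alg, do_bit=False),
        "nxdomain_nsec": nxdomain_response_size(alg, "nsec"),
        "nxdomain_nsec3": nxdomain_response_size(alg, "nsec3"),
        "nxdomain_compact": nxdomain_response_size(alg, "compact"),
    }


if __name__ == "__main__":
    for alg in KEY_SIZES:
        print(alg)
        for name, size in report(alg).items():
            flag = "TRUNCATES" if exceeds_udp(size) else "fits"
            print(f"  {name:18} {size:6d} bytes  {flag}")
```

Running it shows the ordering the abstract reports: for every post-quantum scheme the DNSKEY response is the largest, a CSK roughly halves it relative to KSK/ZSK, NSEC3 negative answers carry one more signature than NSEC and compact DoE one fewer, and with the DO bit cleared the answer shrinks to a few dozen bytes regardless of scheme.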
Implementation included adding both signing and validation support to the PowerDNS Recursor and the BIND resolver. Both functions can be exercised through a do-it-yourself frontend, which the public can use to experiment with and familiarize themselves with our testbed. We hope that this study helps inform future PQC engineering developments in the DNSSEC context.
Talk duration: 20 Minutes (+5 for Q&A)