How DNSSEC secures DNS

Add to your list(s) Download to your calendar using vCal

• Sizhe Sun, Sidney Sussex College
• Wednesday 07 March 2018, 19:00-19:30
• Jock Colville Hall, Churchill College.

If you have a question about this talk, please contact Matthew Ireland.

Domain Name System(DNS), despite being one of the most important and successful parts of the Internet infrastructure, is notoriously vulnerable to spoofing attacks due to its design flaws. DNSSEC is a security extension to DNS that aims to ameliorate the problem by applying public-key cryptography to provide data origin authentication and integrity validation. DNSSEC implements a public key infrastructure(PKI) that has also led to applications using it as a platform to securely distribute public keys.

First part of this talk introduces DNSSEC , and explains how it works as well as how it builds a chain of trust model to secure DNS . In the second part a specific application of using DNSSEC to securely publish SSH fingerprint is briefly introduced. We will then discuss limitations and problems of DNSSEC which hinders its wider deployment.

This talk is part of the Churchill CompSci Talks series.

This talk is included in these lists:

• Churchill CompSci Talks
• Jock Colville Hall, Churchill College
• computer science
• se393's list

Note that ex-directory lists are not shown.