DNSSEC, a DNS security extension, is essential to accurately translating domain names to IP addresses. Digital signatures provide the foundation for this reliable translation, however, the evolution of 'Quantum Computers' has made traditional digital signatures vulnerable. In light of this, NIST has recently selected potential post-quantum digital signatures that can operate on conventional computers and resist attacks made with Quantum Computers. Since these post-quantum digital signatures are still in their early stages of development, replacing pre-quantum digital signature schemes in DNSSEC with post-quantum candidates is risky until the post-quantum candidates have undergone a thorough security analysis. Given this, herein, we investigate the viability of employing 'Double-Signatures' in DNSSEC, combining a post-quantum digital signature and a classic one. The rationale is that double-signatures will offer protection against quantum threats on conventional signature schemes as well as unknown non-quantum attacks on post-quantum signature schemes, hence even if one fails the other provides security guarantees. However, the inclusion of two signatures in the DNSSEC response message doesn't bode well with the maximum allowed size of DNSSEC responses (i.e., 1232B, a limitation enforced by MTU of physical links). To counter this issue, we leverage a way to do application-layer fragmentation of DNSSEC responses with two signatures. We implement our solution on top of OQS-BIND and through experiments show that the addition of two signatures in DNSSEC and application-layer fragmentation of all relevant resource records and their reassembly does not have any substantial impact on the efficiency of the resolution process and thus is suitable for the interim period at least until the quantum computers are fully realized.
翻译:暂无翻译