Securing domain name system combined with MIPv6 for mobile hosts

College

College of Computer Studies

Department/Unit

Computer Technology

Document Type

Conference Proceeding

Source Title

12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

First Page

172

Last Page

179

Publication Date

2013

Abstract

DNS is the standard mechanism for name to IP address resolution. The DNS has been extended to DNSSEC to add security by providing origin authentication and data integrity by the process of creating signatures periodically, which results in intensive computations. Adding digital signatures to a domain increases each record size by 5-7 times, which puts a burden of DNS reply messages on the authoritative name servers. The goal of this paper is to find secure DNS mechanism, which cause relatively low computation loads and reply burden especially for infrastructure mode MANET gateways that are responsible for name resolution services as well as local mobility management for mobile hosts. This paper proposes SECDNS (Secure DNS) mechanism that handles secure query/reply transactions using the one-time session key generated per a query basis. In the proposed SECDNS, burden for securing DNS is distributed for every DNS queries. We analyze how many SECDNS transactions can the session key with a given length handle and suggest the solution of the anti-MITM attack scheme, which protects the name resolution services against the possible MITM attacks and make it useless for the enemy to decrypt the SECDNS reply messages in time.

html

Disciplines

Computer Engineering | Digital Communications and Networking

Keywords

Internet domain names; Wireless communication systems

Upload File

wf_no

This document is currently not available here.

Share

COinS