ss2DNS: A Secure DNS Scheme in Stage 2
Ali Sadeghi Jahromi, AbdelRahman Abdou, Paul C. van Oorschot

TL;DR
ss2DNS is a new secure DNS scheme that enhances privacy and security during resolution, maintains efficiency with a single round-trip, and avoids exposing long-term private keys, outperforming DNS-over-TLS in key metrics.
Contribution
The paper introduces ss2DNS, a novel DNS security scheme that improves security and privacy without sacrificing efficiency or requiring external entities or long-term key duplication.
Findings
Comparable server-side latency to less-secure schemes
Significantly better performance than DNS-over-TLS
Provides real-time security properties without long-term key exposure
Abstract
The absence of security and privacy measures between DNS recursive resolvers and authoritative nameservers has been exploited by both on-path and off-path attackers. Although numerous security proposals have been introduced in practice and in the literature, they often face deployability barriers and/or lack a compelling set of security and privacy properties, resulting in limited adoption. We introduce ss2DNS, a novel DNS scheme designed to mitigate the security and privacy vulnerabilities in the resolution process between resolvers and authoritative nameservers, while preserving efficiency by maintaining a single round-trip. ss2DNS takes advantage of a hierarchical trust model that does not rely on entities external to DNS zones, and delegates nameserver replicas within each zone to serve zone data securely for short, renewable time intervals. This design enables real-time security…
Taxonomy
Topics: IPv6, Mobility, Handover, Networks, Security · Mobile Ad Hoc Networks
