Dynamic DNS Update Security, Based on Cryptographically Generated Addresses and ID-Based Cryptography, in an IPv6 Autoconfiguration Context

Provided by: CNRS
Topic: Security
Format: PDF
In this paper, the authors propose a new security method for protecting signaling for Domain Name System (DNS) architecture. That is, it makes secure DNS update messages for binding a Fully Qualified Domain Name (FQDN) of an IPv6 node and the IPv6 address of the node owning this FQDN. This method is based on the use of Cryptographically Generated Addresses (CGA) and ID-Based Cryptography (IBC). Combination of these two techniques allows DNS server to check the ownership of the IPv6 address and the FQDN, sent by the DNS client. In addition, this paper describes how this method has been implemented.

Find By Topic