Keynote Address: Breaking Dnssec

No ratings

Presented at 3rd USENIX Workshop on Offensive Technologies 2009 by

Daniel Bernstein

University Chicago

More than two hundred sites around the world have installed DNSSEC during the past year, so attackers can finally gain hands-on experience with breaking DNSSEC servers. How quickly does DNSSEC leak private information? How powerful are today's DNSSEC servers when they are abused as denial-of-service amplifiers? How easy is it to forge DNS data from a DNSSEC server?