Title :
Dynamic DNS Update Security, Based on Cryptographically Generated Addresses and ID-Based Cryptography, in an IPv6 Autoconfiguration Context
Author :
Combes, Jean-Michel ; Arfaoui, Ghada ; Laurent, Maryline
Author_Institution :
Orange Labs., France Telecom-Orange, Issy-Les-Moulineaux, France
Abstract :
This paper proposes a new security method for protecting signalling for Domain Name System (DNS) architecture. That is, it makes secure DNS update messages for binding a Fully Qualified Domain Name (FQDN) of an IPv6 node and the IPv6 address of the node owning this FQDN. This method is based on the use of Cryptographically Generated Addresses (CGA) and IDBased Cryptography (IBC). Combination of these two techniques allows DNS server to check the ownership of the IPv6 address and the FQDN, sent by the DNS client. In addition, this paper describes how this method has been implemented.
Keywords :
Internet; cryptography; transport protocols; CGA; FQDN; IBC; ID-based cryptography; IPv6 address; IPv6 autoconfiguration context; IPv6 node; cryptographically generated addresses; domain name system architecture; dynamic DNS update security; fully qualified domain name; new security method; Authentication; IP networks; Public key; Servers; Cryptographically Generated Addresses; DNS update; ID-Based Cryptography; IPv6; Security;
Conference_Titel :
Availability, Reliability and Security (ARES), 2012 Seventh International Conference on
Conference_Location :
Prague
Print_ISBN :
978-1-4673-2244-7
DOI :
10.1109/ARES.2012.69
