Measuring the Performance Impact of NSEC5 (Abstract)

While DNSSEC provides authenticity and integrity to the domain name system (DNS), it also introduces a new vulnerability—zone enumeration [12, 5, 4, 19]—which allows an adversary that asks a small number of targeted DNS queries (one per record in the zone) to discover the full contents of a zone. An enumerated zone can be used as “a source of probable e-mail addresses for spam, or as a key for multiple WHOIS queries to reveal registrant data that many registries may have legal obligations to protect” [12] (e.g., EU data protection laws [13],[3, pg. 37]), or to create a toehold for more complex attacks. As the Internet of things becomes increasingly ubiquitous, it also becomes increasingly important to keep the names and addresses of these “things” (e.g., thermostats, fridges, baby monitors) away from remote attackers. NSEC5 was introduced in [8] as an extension to DNSSEC that solves the zone enumeration problem while still remaining secure even if the authoritative nameserver is compromised. (This is in contrast to (1) NSEC3 [12], which is vulnerable to zone enumeration via offline dictionary attacks [5, 19], and (2) “NSEC3 White Lies ”[6], and “NSEC3 Black Lies” [16], which solve DNSSEC’s zone enumeration problem but assume the authoritative nameserver is trusted to hold the secret DNSSEC zone-signing key (ZSK); thus, if the authoritative is compromised, the security of the zone is compromised as well.) In this work we revisit NSEC5 proposing a modified version based on a custom-made elliptic curve cryptography construction that produces much shorter responses than the originally proposed version. Moreover, we provide the first working implementation of NSEC5-ready authoritative and recursive nameservers, and discuss their performance.