Deploying Cryptography in Internet-Scale Systems: A Case Study on DNSSEC

  title={Deploying Cryptography in Internet-Scale Systems: A Case Study on DNSSEC},
  author={Hao Yang and Eric Osterweil and Daniel Massey and Songwu Lu and Lixia Zhang},
  journal={IEEE Transactions on Dependable and Secure Computing},
The DNS Security Extensions (DNSSEC) are among the first attempts to deploy cryptographic protections in an Internet-scale operational system. DNSSEC applies well-established public key cryptography to ensure data integrity and origin authenticity in the DNS system. While the cryptographic design of DNSSEC is sound and seemingly simple, its development has taken the IETF over a decade and several protocol revisions, and even today its deployment is still in the early stage of rolling out. In… CONTINUE READING
Highly Cited
This paper has 39 citations. REVIEW CITATIONS
28 Citations
33 References
Similar Papers


Publications citing this paper.
Showing 1-10 of 28 extracted citations


Publications referenced by this paper.
Showing 1-10 of 33 references

DNS Security (DNSSE C) Hash Authenticated Denial of Existence

  • B. Laurie, G. Sisson, R. Arends
  • RFC 5155,
  • 2008
Highly Influential
7 Excerpts

Why cryptograph is harder than it looks

  • B. Schneier
  • Wh ite Paper, Counterpane Systems
  • 1997
Highly Influential
3 Excerpts

The State and Challenges of the Dnssec Deployment , ” NANOG 44

  • M. Larson, D. Massey, S. Rose
  • 2008

http://en.wi index.php?title=YogiBerra&oldid=607127

  • Los Angeles
  • Wikiquote. Yogi berra — wikiquote,
  • 2007
1 Excerpt

Similar Papers

Loading similar papers…