Poor Man's Hardware Security Module (pmHSM): A Threshold Cryptographic Backend for DNSSEC

@article{Cifuentes2016PoorMH,
  title={Poor Man's Hardware Security Module (pmHSM): A Threshold Cryptographic Backend for DNSSEC},
  author={Francisco Cifuentes and Alejandro Gonz{\'a}lez Hevia and Francisco Montoto and Tom{\'a}s Barros and Victor Ramiro and Javier Bustos-Jim{\'e}nez},
  journal={Proceedings of the 9th Latin America Networking Conference},
  year={2016}
}
The DNS Security Extensions (DNSSEC) add a new layer of security based on public-key infrastructure: each DNS record is digitally signed to verify the authenticity of the answer. However, the introduction of DNSSEC has an impact in the operational workflow of DNS systems: (i) signatures have an expiration date, hence the records must be periodically signed and (ii) key management tasks can be overwhelming. These are problems specially for DNS zones with several records (for instance a Top Level… 

Figures and Tables from this paper

Building a threshold cryptographic distributed HSM with docker containers
TLDR
A distributed signer system based on threshold cryptography, called Poor Man's Hardware Security Module (pmHSM), which provides the signature components of an HSM over inexpensive commodity hardware to support the operational signing workflow of DNSSEC.
Building a threshold cryptographic distributed HSM with docker containers
TLDR
A distributed signer system based on threshold cryptography, called Poor Man's Hardware Security Module (pmHSM), which provides the signature components of an HSM over inexpensive commodity hardware to support the operational signing workflow of DNSSEC.
Securing DNSSEC Keys via Threshold ECDSA From Generic MPC
TLDR
This work shows how to use techniques from threshold ECDSA to protect keys such that domains do not reveal their signing keys to a DNS operator, and to protect the operational integrity of DNS operator.
Securing DNSSEC Keys via Threshold ECDSA from Generic MPC
TLDR
Deployment of DNSSEC, although increasing, still suffers from many practical issues that results in a false sense of security, making the operator an attractive target for attackers.
Privacy Preserving and Resilient RPKI
TLDR
This work proposes the first distributed RPKI system, based on threshold signatures, that requires the coordination of a number of RIRs to make changes to RPKI objects; hence, preventing unilateral prefix takedown.
Handel: Practical Multi-Signature Aggregation for Large Byzantine Committees
TLDR
Handel, a Byzantine fault tolerant aggregation protocol that allows for the quick aggregation of cryptographic signatures over a WAN, is presented, as an open source Go library with a flexible design to support any associative and commutative aggregation function.
Formal verification of distributed system using an executable C model
TLDR
This work proposes a way to do formal verification of a distributed system by modeling the communication of the system as a concurrent program, instantiating the distributed system using threads and atomic queues and testing/verifying directly to the source code with specialized verifiers for concurrent programs.

References

SHOWING 1-10 OF 33 REFERENCES
Deploying Cryptography in Internet-Scale Systems: A Case Study on DNSSEC
TLDR
This study provides the first systematic examination of the design, deployment, and operational challenges encountered by DNSSEC over the years and reveals a fundamental gap between cryptographic designs and operational Internet systems.
Quantifying the operational status of the DNSSEC deployment
TLDR
The results provide the first comprehensive look at DNSSEC's deployment and reveal a number of challenges that were not anticipated in the design but have become evident in the deployment.
A Security Evaluation of DNSSEC with NSEC3
TLDR
This systematic study reveals several subtleties and potential pitfalls that can be avoided by proper configuration choices, including resource records that may remain valid after the expiration of relevant signatures and potential insertion of forged names into a DNSSEC-enabled domain via the opt-out option.
Secure distributed DNS
  • C. Cachin, A. Samar
  • Computer Science
    International Conference on Dependable Systems and Networks, 2004
  • 2004
TLDR
The design and implementation of a secure distributed name service on the level of a DNS zone is presented, able to provide fault tolerance and security even in the presence of a fraction of corrupted name servers, avoiding any single point of failure.
Security requirements for cryptographic modules
TLDR
A security model is described for different levels of cryptographic modules in different environments, designed after defining threats, and comprises of security levels, threat levels, cryptographically secure and approved algorithm requirements.
Domain Name System Security Extensions
TLDR
Extensions to the DNS are described that provide these services to security aware resolvers or applications through the use of cryptographic digital signatures and are included in secured zones as resource records.
Quantifying and Improving DNSSEC Availability
TLDR
A metric to analyze the administrative complexity of a DNS configuration, which contributes to its failure potential is introduced and a technique which uses soft anchoring to increase robustness in spite of misconfigurations is discussed.
Key management for heterogeneous ad hoc wireless networks
  • Seung Yi, R. Kravets
  • Computer Science
    10th IEEE International Conference on Network Protocols, 2002. Proceedings.
  • 2002
TLDR
This work describes a framework to provide efficient yet effective distributed CA service for ad hoc wireless networks and selects physically or computationally more secure nodes as MOCAs (MObile Certificate Authority) and uses threshold cryptography to distribute the CA's private key among these MOCA nodes.
SP 800-29. A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2
TLDR
This differences paper summarizes the changes from FIPS 140-1 to FIPS140-2 and documents the detailed requirements.
Secure and efficient key management in mobile ad hoc networks
...
1
2
3
4
...