Securing DNSSEC Last Mile with DTLS

Abstract: Domain Name System Security Extension (DNSSEC) is a promising technology to handle weaksecurity issues in old DNS system. The deployment of DNSSEC seems to be going well andmore zones are getting signed to provide secure and authenticated DNS records to the end users.Datagram TLS is a widely used version of TLS that provides UDP based mechanism to securethe datagram. In the present work, the confidentiality and security of the DNSSEC protocol areinvestigated at the last mile. The benefits of protecting the DNSSEC traffic using DTLS at thisportion of the path are also investigated and evaluated. DTLS was implemented in small scalednetwork to measure influences caused by DTLS on the end user's queries and responses.