DNS and the Future of Authenticity

DEF CON 23

Presented by: indolering
Date: Friday August 07, 2015
Time: 10:00 - 10:25
Location: Crypto and Privacy Village

DNS is the keystone of the internet, the interface that allows us to attach semantic meaning to the world’s largest distributed computing system. It is the basis of the most widely used remote function call interface: the web browser’s address bar. From the browser, to SSH, to email, the Domain Name System is what we use to bootstrap the identity of programs, servers, and people.

Yet this key/value data store from the 80’s is insecure and increasingly prone to censorship. We have had the tools needed to make DNS cryptographically verifiable and decentralized for some time but the initial implementations failed. Thankfully, after years of research and trial-and-error, we finally have practical and deployable solutions.

This talk covers the benefits a cryptographically verifiable domain name system and the state of decentralized DNS. It debunks common myths about DNSSEC and explains why it is vital to a decentralized DNS. It finishes with an overview of Namecoin, outlining past challenges that have stymied widespread adoption and potential solutions.

indolering

Indolering is a usability engineer and focuses on security related usability research. He is a recent graduate, the lead usability engineer for the Namecoin project, and has a similar day job at EasyDNS.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats