Effects of secured DNS transport on resolver performance

Designed 40 years ago, DNS is still a core component of internet: billions of DNS queries are processed each day to resolve domain names to IP addresses. Originally designed for performances and scalability, its transport protocol is unen-crypted, leading to security flaws. Recently, secure protocol...

Full description

Saved in:
Bibliographic Details
Main Authors: Louet, Etienne LE, Blin, Antoine, Sopena, Julien, Amamou, Ahmed, Haddadou, Kamel
Format: Conference Proceeding
Language:English
Subjects:
Costs
Industries
Protocols
Scalability
Shape
Switches
Transport protocols
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 244
container_issue
container_start_page 238
container_title
container_volume
creator Louet, Etienne LE
Blin, Antoine
Sopena, Julien
Amamou, Ahmed
Haddadou, Kamel
description Designed 40 years ago, DNS is still a core component of internet: billions of DNS queries are processed each day to resolve domain names to IP addresses. Originally designed for performances and scalability, its transport protocol is unen-crypted, leading to security flaws. Recently, secure protocols have emerged, but the question of their scalability and sustainability remains open. In this paper we study the cost of switching from the legacy DNS transport to the newer ones, by first characterising the shape of the traffic between clients and secured public resolvers. Then, we replicate said traffic, to measure the added cost of each protocol. We found that, while connections usually stayed open, many closures and openings were made in some cases. Comparing these profiles over different DNS transports, we observe that switching from the legacy protocol to a more secure one can lead to an important performance penalty.
doi_str_mv 10.1109/ISCC58397.2023.10217887
format conference_proceeding
fullrecord <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_10217887</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10217887</ieee_id><sourcerecordid>10217887</sourcerecordid><originalsourceid>FETCH-LOGICAL-h2027-9f3e15155bc06869bd2a615a969f81a941081907973fbdfd93dd348ce2eb2ca93</originalsourceid><addsrcrecordid>eNo1j8FKAzEUAKMgWGv_QDA_sPUl2WzeO8patVD0UD2XbPKClXZ3SVbBv1dQT3MbZoS4VrBUCuhmvW1bi4bcUoM2SwVaOUR3IhbkCI0FA1CjPhUz3dS6cgbpXFyU8g4AaLWbCVylxGEqckiycPjIHOXd01ZO2fdlHPIkh15mLsPhk7McOachH30f-FKcJX8ovPjjXLzer17ax2rz_LBubzfV20-SqygZVlZZ2wVosKEuat8o66mhhMpTrQAVgSNnUhdTJBOjqTGw5k4HT2Yurn69e2bejXl_9Plr939qvgGEM0eY</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Effects of secured DNS transport on resolver performance</title><source>IEEE Xplore All Conference Series</source><creator>Louet, Etienne LE ; Blin, Antoine ; Sopena, Julien ; Amamou, Ahmed ; Haddadou, Kamel</creator><creatorcontrib>Louet, Etienne LE ; Blin, Antoine ; Sopena, Julien ; Amamou, Ahmed ; Haddadou, Kamel</creatorcontrib><description>Designed 40 years ago, DNS is still a core component of internet: billions of DNS queries are processed each day to resolve domain names to IP addresses. Originally designed for performances and scalability, its transport protocol is unen-crypted, leading to security flaws. Recently, secure protocols have emerged, but the question of their scalability and sustainability remains open. In this paper we study the cost of switching from the legacy DNS transport to the newer ones, by first characterising the shape of the traffic between clients and secured public resolvers. Then, we replicate said traffic, to measure the added cost of each protocol. We found that, while connections usually stayed open, many closures and openings were made in some cases. Comparing these profiles over different DNS transports, we observe that switching from the legacy protocol to a more secure one can lead to an important performance penalty.</description><identifier>EISSN: 2642-7389</identifier><identifier>EISBN: 9798350300482</identifier><identifier>DOI: 10.1109/ISCC58397.2023.10217887</identifier><language>eng</language><publisher>IEEE</publisher><subject>Costs ; Industries ; Protocols ; Scalability ; Shape ; Switches ; Transport protocols</subject><ispartof>2023 IEEE Symposium on Computers and Communications (ISCC), 2023, p.238-244</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10217887$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,4050,4051,27925,54555,54932</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10217887$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Louet, Etienne LE</creatorcontrib><creatorcontrib>Blin, Antoine</creatorcontrib><creatorcontrib>Sopena, Julien</creatorcontrib><creatorcontrib>Amamou, Ahmed</creatorcontrib><creatorcontrib>Haddadou, Kamel</creatorcontrib><title>Effects of secured DNS transport on resolver performance</title><title>2023 IEEE Symposium on Computers and Communications (ISCC)</title><addtitle>ISCC</addtitle><description>Designed 40 years ago, DNS is still a core component of internet: billions of DNS queries are processed each day to resolve domain names to IP addresses. Originally designed for performances and scalability, its transport protocol is unen-crypted, leading to security flaws. Recently, secure protocols have emerged, but the question of their scalability and sustainability remains open. In this paper we study the cost of switching from the legacy DNS transport to the newer ones, by first characterising the shape of the traffic between clients and secured public resolvers. Then, we replicate said traffic, to measure the added cost of each protocol. We found that, while connections usually stayed open, many closures and openings were made in some cases. Comparing these profiles over different DNS transports, we observe that switching from the legacy protocol to a more secure one can lead to an important performance penalty.</description><subject>Costs</subject><subject>Industries</subject><subject>Protocols</subject><subject>Scalability</subject><subject>Shape</subject><subject>Switches</subject><subject>Transport protocols</subject><issn>2642-7389</issn><isbn>9798350300482</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2023</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNo1j8FKAzEUAKMgWGv_QDA_sPUl2WzeO8patVD0UD2XbPKClXZ3SVbBv1dQT3MbZoS4VrBUCuhmvW1bi4bcUoM2SwVaOUR3IhbkCI0FA1CjPhUz3dS6cgbpXFyU8g4AaLWbCVylxGEqckiycPjIHOXd01ZO2fdlHPIkh15mLsPhk7McOachH30f-FKcJX8ovPjjXLzer17ax2rz_LBubzfV20-SqygZVlZZ2wVosKEuat8o66mhhMpTrQAVgSNnUhdTJBOjqTGw5k4HT2Yurn69e2bejXl_9Plr939qvgGEM0eY</recordid><startdate>2023</startdate><enddate>2023</enddate><creator>Louet, Etienne LE</creator><creator>Blin, Antoine</creator><creator>Sopena, Julien</creator><creator>Amamou, Ahmed</creator><creator>Haddadou, Kamel</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>2023</creationdate><title>Effects of secured DNS transport on resolver performance</title><author>Louet, Etienne LE ; Blin, Antoine ; Sopena, Julien ; Amamou, Ahmed ; Haddadou, Kamel</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-h2027-9f3e15155bc06869bd2a615a969f81a941081907973fbdfd93dd348ce2eb2ca93</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Costs</topic><topic>Industries</topic><topic>Protocols</topic><topic>Scalability</topic><topic>Shape</topic><topic>Switches</topic><topic>Transport protocols</topic><toplevel>online_resources</toplevel><creatorcontrib>Louet, Etienne LE</creatorcontrib><creatorcontrib>Blin, Antoine</creatorcontrib><creatorcontrib>Sopena, Julien</creatorcontrib><creatorcontrib>Amamou, Ahmed</creatorcontrib><creatorcontrib>Haddadou, Kamel</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Louet, Etienne LE</au><au>Blin, Antoine</au><au>Sopena, Julien</au><au>Amamou, Ahmed</au><au>Haddadou, Kamel</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Effects of secured DNS transport on resolver performance</atitle><btitle>2023 IEEE Symposium on Computers and Communications (ISCC)</btitle><stitle>ISCC</stitle><date>2023</date><risdate>2023</risdate><spage>238</spage><epage>244</epage><pages>238-244</pages><eissn>2642-7389</eissn><eisbn>9798350300482</eisbn><abstract>Designed 40 years ago, DNS is still a core component of internet: billions of DNS queries are processed each day to resolve domain names to IP addresses. Originally designed for performances and scalability, its transport protocol is unen-crypted, leading to security flaws. Recently, secure protocols have emerged, but the question of their scalability and sustainability remains open. In this paper we study the cost of switching from the legacy DNS transport to the newer ones, by first characterising the shape of the traffic between clients and secured public resolvers. Then, we replicate said traffic, to measure the added cost of each protocol. We found that, while connections usually stayed open, many closures and openings were made in some cases. Comparing these profiles over different DNS transports, we observe that switching from the legacy protocol to a more secure one can lead to an important performance penalty.</abstract><pub>IEEE</pub><doi>10.1109/ISCC58397.2023.10217887</doi><tpages>7</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier EISSN: 2642-7389
ispartof 2023 IEEE Symposium on Computers and Communications (ISCC), 2023, p.238-244
issn 2642-7389
language eng
recordid cdi_ieee_primary_10217887
source IEEE Xplore All Conference Series
subjects Costs
Industries
Protocols
Scalability
Shape
Switches
Transport protocols
title Effects of secured DNS transport on resolver performance
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T09%3A47%3A09IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Effects%20of%20secured%20DNS%20transport%20on%20resolver%20performance&rft.btitle=2023%20IEEE%20Symposium%20on%20Computers%20and%20Communications%20(ISCC)&rft.au=Louet,%20Etienne%20LE&rft.date=2023&rft.spage=238&rft.epage=244&rft.pages=238-244&rft.eissn=2642-7389&rft_id=info:doi/10.1109/ISCC58397.2023.10217887&rft.eisbn=9798350300482&rft_dat=%3Cieee_CHZPO%3E10217887%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-h2027-9f3e15155bc06869bd2a615a969f81a941081907973fbdfd93dd348ce2eb2ca93%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=10217887&rfr_iscdi=true