This is the fourth in a multi-part series on cryptography and the Domain Name System (DNS).
One of the "key" questions cryptographers have been asking for the past decade or more is what to do about the potential future development of a large-scale quantum computer.
If theory holds, a quantum computer could break established public-key algorithms including RSA and elliptic curve cryptography (ECC), building on Peter Shor's groundbreaking result from 1994.
This prospect has motivated research into new so-called "post-quantum" algorithms that are less vulnerable to quantum computing advances. These algorithms, once standardized, may well be added into the Domain Name System Security Extensions (DNSSEC), thus also adding another dimension to a cryptographer's perspective on the DNS.
(Caveat: Once again, the concepts I'm discussing in this post are topics we're studying in our long-term research program as we evaluate potential future applications of technology. They do not necessarily represent Verisign's plans or position on possible new products or services.)
The National Institute of Standards and Technology (NIST) started a Post-Quantum Cryptography project in 2016 to "specify one or more additional unclassified, publicly disclosed digital signature, public-key encryption, and key-establishment algorithms that are capable of protecting sensitive government information well into the foreseeable future, including after the advent of quantum computers."
Security protocols that NIST is targeting for these algorithms, according to its 2019 status report (Section 2.2.1), include: "Transport Layer Security (TLS), Secure Shell (SSH), Internet Key Exchange (IKE), Internet Protocol Security (IPsec), and Domain Name System Security Extensions (DNSSEC)."
The project is now in its third round, with seven finalists, including three digital signature algorithms, and eight alternates.
NIST's project timeline anticipates that the draft standards for the new post-quantum algorithms will be available between 2022 and 2024.
It will likely take several additional years for standards bodies such as the Internet Engineering Task Force (IETF) to incorporate the new algorithms into security protocols. Broad deployments of the upgraded protocols will likely take several years more.
Post-quantum algorithms can therefore be considered a long-term issue, not a near-term one. However, as with other long-term research, it's appropriate to draw attention to factors that need to be taken into account well ahead of time.
The three candidate digital signature algorithms in NIST's third round have one common characteristic: all of them have a key size or signature size (or both) that is much larger than for current algorithms.
Key and signature sizes are important operational considerations for DNSSEC because most of the DNS traffic exchanged with authoritative data servers is sent and received via the User Datagram Protocol (UDP), which has a limited response size.
Response size concerns were evident during the expansion of the root zone signing key (ZSK) from 1024-bit to 2048-bit RSA in 2016, and in the rollover of the root key signing key (KSK) in 2018. In the latter case, although the signature and key sizes didn't change, total response size was still an issue because responses during the rollover sometimes carried as many as four keys rather than the usual two.
Thanks to careful design and implementation, response sizes during these transitions generally stayed within typical UDP limits. Equally important, response sizes also appeared to have stayed within the Maximum Transmission Unit (MTU) of most networks involved, thereby also avoiding the risk of packet fragmentation. (You can check how well your network handles various DNSSEC response sizes with this tool developed by Verisign Labs.)
The larger sizes associated with certain post-quantum algorithms do not appear to be a significant issue either for TLS, according to one benchmarking study, or for public-key infrastructures, according to another report. However, a recently published study of post-quantum algorithms and DNSSEC observes that "DNSSEC is particularly challenging to transition" to the new algorithms.
Verisign Labs offers the following observations about DNSSEC-related queries that may help researchers to model DNSSEC impact:
A typical resolver that implements both DNSSEC validation and qname minimization will send a combination of queries to Verisign's root and top-level domain (TLD) servers.
Because the resolver is a validating resolver, these queries will all have the "DNSSEC OK" bit set, indicating that the resolver wants the DNSSEC signatures on the records.
The content of typical responses by Verisign's root and TLD servers to these queries is given in Table 1 below. (In the table,
For an A or NS query, the typical response, when the domain of interest exists, includes a referral to another name server. If the domain supports DNSSEC, the response also includes a set of Delegation Signer (DS) records providing the hashes of each of the referred zone's KSKs, the next link in the DNSSEC trust chain. When the domain of interest doesn't exist, the response includes one or more Next Secure (NSEC) or Next Secure 3 (NSEC3) records.
Researchers can estimate the effect of post-quantum algorithms on response size by replacing the sizes of the various RSA keys and signatures with those for their post-quantum counterparts. As discussed above, it is important to keep in mind that the number of keys returned may be larger during key rollovers.
Most of the queries from qname-minimizing, validating resolvers to the root and TLD name servers will be for A or NS records (the choice depends on the implementation of qname minimization, and has recently trended toward A). The signature size for a post-quantum algorithm, which affects all DNSSEC-related responses, will therefore generally have a much larger impact on average response size than will the key size, which affects only the DNSKEY responses.
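The substitution described in the two paragraphs above, written out as a small model. This is an added example, not part of the original post and not Verisign's code. The response profiles, query mix, UDP budget and post-quantum key and signature sizes are constructed or approximate assumptions, not values taken from Table 1.

```python
"""Model DNSSEC response growth when RSA is replaced by a post-quantum
signature algorithm. Every number below is an assumption for illustration."""

# (public key bytes, signature bytes). The post-quantum rows are approximate
# sizes from NIST round-3 parameter sets, assumed here, not taken from the page.
ALGS = {
    "RSA-2048":   (256, 256),
    "Falcon-512": (897, 666),
    "Dilithium2": (1312, 2420),
    "Rainbow-I":  (161600, 66),
}

# Constructed response profiles: (unsigned base bytes, keys, signatures).
# The base stands for header, question, NS/DS/NSEC data and record overhead.
PROFILES = {
    "DNSKEY":            (100, 2, 1),
    "DNSKEY (rollover)": (100, 4, 1),  # four keys instead of the usual two
    "referral + DS":     (250, 0, 1),
    "NXDOMAIN":          (350, 0, 3),
}

# Assumed query mix: mostly A/NS lookups, few DNSKEY fetches.
MIX = {"DNSKEY": 0.02, "referral + DS": 0.78, "NXDOMAIN": 0.20}

# Assumed budget: Ethernet MTU 1500 minus IPv4 (20) and UDP (8) headers.
UDP_BUDGET = 1500 - 20 - 8


def response_size(profile, alg):
    base, n_keys, n_sigs = PROFILES[profile]
    key_len, sig_len = ALGS[alg]
    return base + n_keys * key_len + n_sigs * sig_len


def fits_udp(profile, alg, budget=UDP_BUDGET):
    return response_size(profile, alg) <= budget


def average_size(alg, mix=MIX):
    return sum(w * response_size(p, alg) for p, w in mix.items())


def growth_split(alg, baseline="RSA-2048", mix=MIX):
    """Average growth over the baseline, split into (key part, signature part)."""
    dk = ALGS[alg][0] - ALGS[baseline][0]
    ds = ALGS[alg][1] - ALGS[baseline][1]
    key_part = sum(w * PROFILES[p][1] * dk for p, w in mix.items())
    sig_part = sum(w * PROFILES[p][2] * ds for p, w in mix.items())
    return key_part, sig_part


if __name__ == "__main__":
    for alg in ALGS:
        cells = [f"{p}={response_size(p, alg)}{'' if fits_udp(p, alg) else ' (over)'}"
                 for p in PROFILES]
        print(f"{alg:11s} avg={average_size(alg):10.1f}  " + "; ".join(cells))
```

Replacing the constructed profiles with measured record counts and base sizes for a given zone turns this into an estimate for that zone. Under these assumptions a key-heavy scheme such as Rainbow-I shifts the growth almost entirely into the DNSKEY responses.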
Post-quantum algorithms are among the newest developments in cryptography. They add another dimension to a cryptographer's perspective on the DNS because of the possibility that these algorithms, or other variants, may be added to DNSSEC in the long term.
In my next post, I'll make the case for why the oldest post-quantum algorithm, hash-based signatures, could be a particularly good match for DNSSEC. I'll also share the results of some research at Verisign Labs into how the large signature sizes of hash-based signatures could potentially be overcome.
Read the previous posts in this six-part blog series:
See original here:
Securing the DNS in a Post-Quantum World: New DNSSEC Algorithms on the Horizon - CircleID