Challenges of DNS in the Post-Quantum Era: Improving Security with Post-Quantum TLS

Aydeger, Abdullah and Hoque, Sanzida and Zeydan, Engin (2025) Challenges of DNS in the Post-Quantum Era: Improving Security with Post-Quantum TLS. INFOCOMMUNICATIONS JOURNAL, 17 (3). pp. 11-21. ISSN 2061-2079

Preview

Text InfocomJournal_2025_3_2.pdf - Published Version Download (1MB) | Preview

Abstract

The Domain Name System (DNS), an important component of the Internet infrastructure, is vulnerable to various attacks that can jeopardize the security and privacy of Internet communications. While DNS over TLS (DoT) is widely used to improve DNS security, the advent of quantum computing poses a significant threat to the underlying cryptographic algorithms used in TLS. In this paper, we propose a comprehensive framework for DNS over Post-Quantum TLS (DoPQT) to address this challenge. Our framework integrates post-quantum cryptographic algorithms into DoT, ensuring robust security against both classical and quantum attacks. We introduce a hybrid key exchange mechanism and post-quantum authentication procedures to protect the confidentiality, integrity, and authenticity of DNS traffic. DoPQT has the potential to offer comparable performance to existing solutions while demonstrating superior quantum resistance. This research contributes to the development of a secure and resilient DNS infrastructure in the post-quantum era. It has been observed that the handshake process is most affected by increased DNS queries and is the main source of the bottleneck. On the other hand, the percentage loss in throughput when using the PQC algorithm (i.e., MLKEM) is about 33-40% for different DNS queries.

Actions (login required)

Edit Item