Nâng cao hiệu quả bảo mật cho hệt hống tên miền

Abstract

Domain  Name  Server  (DNS)  system,  a root  source  providing  answers  with  IP  addresses  forany request for domain names, is regarded as the most important  part  of  Internet.  DNS  system  also  plays  avery  important  part  of  cryptography  analytic infrastructure  of  Internet.  Any  change  made  to  DNS system  can  make  the  system  fall  into  malfunction, boosting  complexity  levels  in  dealing  with  triggered issues  [2,11].  Therefore,  security  for  DNS  is  a  vital must.  For  the  time  being,  RSA  algorithm  [6,12]  has become  the  de  factor  standard  for  DNS  security. However,  RSA  requires  a  longer  key  length  of  more than  1000  bits  [10,15],  affecting  performance efficiency  of  DNS  system.  Hence,  elliptic  curve cryptography  or  ECC  is  regarded  as  an  alternative mechanism for implementing public-key cryptography.The  ECC  is  expected  to  be  used  not  only  in  new generation  mobile  devices  [13]  but  also  in  DNS system in the near future as ECC requires shorter key length than RSA but providing the same security level. This  paper  focuses  on  introducing  ECC  and  new findings  related  to  this  mechanism  such  as  key  pairgeneration  algorithms,  key  transfer,  encryption  anddecryption in ECC, as well as findings of the trialon the  Vietnam  national  domain  name  system  dot  VN; these  findings  aims  to  apply  for  certification  domain name  data  transfer  for  the  DNS  system  of  a  country and compare with the same method in RSA algorithm