Subverting BIND's SRTT Algorithm Derandomizing NS Selection
نویسندگان
چکیده
We begin by describing the basics of the DNS protocol. We continue with a survey of known attacks on DNS, and finalize with a genuine, deterministic attack against BIND’s SRTT (Smoothed Round Trip Time) algorithm. Our method enables derandomization of the target name server thus reduces the expected time of DNS cache poisoning attacks.
منابع مشابه
On Derandomizing Tests for Certain Polynomial Identities
We extract a paradigm for derandomizing tests for polynomial identities from the recent AKS primality testing algorithm. We then discuss its possible application to other tests.
متن کاملAuthority Server Selection of DNS Caching Resolvers
Operators of high-profile DNS zones utilize multiple authority servers for performance and robustness. We conducted a series of trace-driven measurements to understand how current caching resolver implementations distribute queries among a set of authority servers. Our results reveal areas for improvement in the “apparently sound” server selection schemes used by some popular implementations. I...
متن کاملDerandomizing the Isolation Lemma and Lower Bounds for Noncommutative Circuit Size
We give a randomized polynomial-time identity test for noncommutative circuits of polynomial degree based on the isolation lemma. Using this result, we show that derandomizing the isolation lemma implies noncommutative circuit size lower bounds. More precisely, we consider two restricted versions of the isolation lemma and show that derandomizing each of them implies nontrivial circuit size low...
متن کامل