An Encryption Algorithm to Prevent Domain Name System Cache Poisoning Attacks

Abstract

One of the major security threats in domain name system (DNS) is Cache Poisoning (CP) attack, where an attacker can change the IP address in the response packet or the database in DNS. To address CP attacks, many security protocols have been proposed. This paper proposes character-wise encryption (CWE) method to provide better security against CP attacks (the probability of successful attack is low as 10−33) as compared to the shift-key based method. In addition, the proposed method results in shorter encryption time. For example, with a domain name length of 30, CWE can reduce the encryption time by 10.7% as compared to the shift-key based method.