Poor Man's Hardware Security Module (pmHSM): A Threshold Cryptographic Backend for DNSSEC

Author: Francisco Cifuentes, A.H., Francisco Montoto, Tomás Barros, Victor Ramiro, and Javier Bustos-Jimenez.


The DNS Security Extensions (DNSSEC) add a new layer of security based on public-key infrastructure: each DNS record is digitally signed to verify the authenticity of the answer. However, the introduction of DNSSEC has an impact in the operational workflow of DNS systems: (i) signatures have an expiration date, hence the records must be periodically signed and (ii) key management tasks can be overwhelming. These are problems specially for DNS zones with several records (for instance a Top Level Domain). The adoption of Hardware Security Module (HSM) is an option to provide highly secured keys and signature management. Nevertheless HSM is expensive and hardware can fail. We present a novel system based on threshold cryptography, called Poor Man's Hardware Security Module (pmHSM), which provides the signature components of an HSM over inexpensive commodity hardware to support the operational signing workflow of DNSSEC. This approach significantly improves security and availability of the overall system since the secret key is left beyond the reach of malicious compromises, it is spread among several independent nodes of the system.

Ref: In Proceeding LANC '16 Proceedings of the 9th Latin America Networking Conference, October 13-14, 2016, pp. 59-64, ACM Press. Link.