Presented by, Team: Natus Vincere Adarsh Naga Seshulu Recherla Nikila Goli Venkata Harish Mopidevi...
-
Upload
eleanore-freeman -
Category
Documents
-
view
216 -
download
1
Transcript of Presented by, Team: Natus Vincere Adarsh Naga Seshulu Recherla Nikila Goli Venkata Harish Mopidevi...
Presented by,Team: Natus Vincere
Adarsh Naga Seshulu RecherlaNikila Goli
Venkata Harish Mopidevi
Secure DNS Caching using Custom Network Processor
Employee
CEO
Hi! Can I meet Miss.X? Sure. You may
go to cabin 201.
Thank youHi! I would like to meet the CEO. Do you have an
appointment?Yes. I do.OK. You may go to
cabin 301
Receptionist
Real World Analogy
Employee
CEO
ReceptionistEnd User
DNS Server
Domain1
Domain 2
DNS Cache
DNS Caching
n0 n1NetFPGA
Real World AnalogyDesign Implementation on NetFPGA
n0 n1NetFPGA
DNS Query
ImplementationDesign Implementation on NetFPGA
010011001
111000011
001011100
001000111
010101010
101110100
Domain IP Address
DNS Query N2
DNS Query
1 2
Cache Miss!
DNS Query
DNS Query Handling
n0 n1NetFPGA
DNS Query DNS Response
DNS Response & Caching
010011001
111000011
001011100
001000111
010101010
101110100
Domain IP Address Auth
DNS ResponseDNS Response
1 2Modified
PacketN2
10.1.2.3
UserRSA
Public Key
V
1
Key Exchange Required
000100010
DNS Response & Caching
n0 n1NetFPGA
Modified Packet
UserRSA
Public Key
V
n0 %$#*&% 1
DNS Response
Request Timed out
DNS Query
Secure Key Exchange & Authentication
Secured DNS Caching Implementation
Conventional DNS Caching Implementation
DNS Cache itself performs authentication Requires Firewall for authentication
Latency in request handling is low (u sec) Latency is in the order of (m sec)
Robust to snooping attacks Vulnerable to snooping attacks
Comparison with existing systems
Date Milestones Progress
April, 20th Implemented Socket Program on the node and netFPGA for 1024 bit RSA key exchange in software.
April, 27th Implemented DNS caching and Response handling feature using our processor.
May, 4th Implement a socket program on node1 to process DNS Request and integration of the whole design to verify the functionality.
---
Final Demo Demonstrate completely functional DNS caching and query handling with RSA key exchange.
---
• “DNS Performance and the Effectiveness of Caching”-Jaeyeon Jung, Emil Sit, Hari Balakrishnan, Member, IEEE, and Robert Morris
• “Lightweight Multi-threaded Network Processor Core in FPGA”- Piotr Buciak, Jakub Botwicz Warsaw University of Technology pbuciak,[email protected]
• “Research and Implementation of RSA Algorithm for Encryption and Decryption “ - Xin Zhou ; Dept. of Comput. Sci. & Technol., Harbin Univ. of Sci. & Technol., Harbin, China
• “Hands-on with the NetFPGA to build a Gigabit-rate Router” - McKeown, N. ; Stanford Univ., Stanford ; Lockwood, J.W. ; Naous, J. ; Gibb, G.
• “Configuration of DNS server with cryptographic algorithm for secure DNS and DHCP updates” - Chatterjee, T. ; Inf. Technol., ABV-IIITM, Gwalior, India
References
DNS Query for n2Encrypted DNS Query
Encrypted DNS ResponseCache
Updated
Forwarding
n0 NetFPGA n1
DNS Query handling for Unauthenticated Domain
Cache Miss
DNS Query for n3Encrypted DNS Query
Encrypted DNS ResponseCache
Updated
n0 NetFPGA n1
DNS Query handling for Authenticated Domain
CacheMiss
Authorization Required
RSA Keys ExchangedRequest Timed
OutDNS Query for n3
DNS Response for n3