all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The KeyTrap Denial-of-Service Algorithmic Complexity Attacks On DNS

Add to bookmarks
Feb. 22, 2024, 4:04 p.m. |

Packet Storm packetstormsecurity.com

In this paper, the authors show that the design of DNSSEC is flawed. Exploiting vulnerable recommendations in the DNSSEC standards, they developed a new class of DNSSEC-based algorithmic complexity attacks on DNS, they dubbed KeyTrap attacks. All popular DNS implementations and services are vulnerable. With just a single DNS packet, the KeyTrap attacks lead to a 2.000.000x spike in CPU instruction count in vulnerable DNS resolvers, stalling some for as long as 16 hours. This devastating effect prompted major DNS …

attacks authors class complexity design dns dnssec exploiting keytrap packet popular recommendations service services single standards vulnerable

Visit resource

More from packetstormsecurity.com / Packet Storm

Wireshark Analyzer 4.2.5 2 days, 14 hours ago | packetstormsecurity.com
capture code commercial features +14
Packet Fence 13.2.0 2 days, 14 hours ago | packetstormsecurity.com
abnormal access access control a network +21
SIPPTS 4.0 2 days, 14 hours ago | packetstormsecurity.com
audit check devices protocol +13
Debian Security Advisory 5692-1 2 days, 15 hours ago | packetstormsecurity.com
advisory arbitrary code code debian +18
Debian Security Advisory 5691-1 2 days, 15 hours ago | packetstormsecurity.com
advisory arbitrary code browser clickjacking +16
Debian Security Advisory 5689-1 2 days, 15 hours ago | packetstormsecurity.com
advisory arbitrary code aware chromium +19
Debian Security Advisory 5690-1 2 days, 15 hours ago | packetstormsecurity.com
advisory click debian debian linux security +11
Ubuntu Security Notice USN-6766-2 2 days, 15 hours ago | packetstormsecurity.com
action attacker conditions denial of service +16
Red Hat Security Advisory 2024-2852-03 2 days, 15 hours ago | packetstormsecurity.com
advisory apache build developer +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India
View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190
View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal
View on infosec-jobs.com