Metadata only
Datum
2017-04Typ
- Conference Paper
Abstract
Internet kill switches are possible in today's Internet, but to date have been locally-scoped and self-inflicted. As more networks move towards centralized key architectures such as DNSSEC and BGPsec, adversarial kill switches become more powerful. We analyze the feasibility of and mechanisms for executing kill switches on remote DNSSEC- or BGPsec-enabled networks, finding that kill switches must be considered in the design of next generation Internet protocols. We also describe recovery procedures and properties intended to evaluate kill switch events, finding that recovering from a compromised key may take up to 48 hours. Mehr anzeigen
Publikationsstatus
publishedExterne Links
Buchtitel
Proceedings of the 10th European Workshop on Systems Security, EuroSec'17Seiten / Artikelnummer
Verlag
Association for Computing MachineryKonferenz
Thema
Kill switches; Centralized key architectures; BGPsec; DNSSECOrganisationseinheit
03975 - Perrig, Adrian / Perrig, Adrian
08635 - ZISC: Zurich Inform.Security&Priv.Center / ZISC: Zurich Inform.Security&Priv.Center