Skip to Main Content
This paper proposes a new security method for protecting signalling for Domain Name System (DNS) architecture. That is, it makes secure DNS update messages for binding a Fully Qualified Domain Name (FQDN) of an IPv6 node and the IPv6 address of the node owning this FQDN. This method is based on the use of Cryptographically Generated Addresses (CGA) and IDBased Cryptography (IBC). Combination of these two techniques allows DNS server to check the ownership of the IPv6 address and the FQDN, sent by the DNS client. In addition, this paper describes how this method has been implemented.