{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T21:40:49Z","timestamp":1743111649693,"version":"3.40.3"},"publisher-location":"Cham","reference-count":44,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031803109"},{"type":"electronic","value":"9783031803116"}],"license":[{"start":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T00:00:00Z","timestamp":1733961600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T00:00:00Z","timestamp":1733961600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-80311-6_11","type":"book-chapter","created":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T00:30:51Z","timestamp":1733963451000},"page":"212-236","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Post-Quantum DNSSEC with\u00a0Faster TCP Fallbacks"],"prefix":"10.1007","author":[{"given":"Aditya Singh","family":"Rawat","sequence":"first","affiliation":[]},{"given":"Mahabir Prasad","family":"Jhanwar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,12,12]]},"reference":[{"key":"11_CR1","unstructured":"The DDoS that almost broke the internet. https:\/\/blog.cloudflare.com\/the-ddos-that-almost-broke-the-internet. Accessed 09 Jul 2024"},{"key":"11_CR2","unstructured":"Oqs-bind. https:\/\/github.com\/Martyrshot\/OQS-bind"},{"key":"11_CR3","unstructured":"Defragmenting DNS - determining the optimal maximum UDP response size for DNS (2020). https:\/\/indico.dns-oarc.net\/event\/36\/contributions\/776\/. Accessed 09 July 2024"},{"key":"11_CR4","unstructured":"DNS flag day (2020). https:\/\/www.dnsflagday.net\/2020\/"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Aas, J., et al.: Let\u2019s encrypt: an automated certificate authority to encrypt the entire web. In: SIGSAC CCS (2019)","DOI":"10.1145\/3319535.3363192"},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Aguilar-Melchor, C., Bailleux, T., Goertzen, J., Guinet, A., Joseph, D., Stebila, D.: Turbotls: Tls connection establishment with 1 less round trip (2024). https:\/\/arxiv.org\/abs\/2302.05311","DOI":"10.1007\/978-3-031-70890-9_2"},{"key":"11_CR7","doi-asserted-by":"crossref","unstructured":"Ariyapperuma, S., Mitchell, C.J.: Security vulnerabilities in DNS and DNSSec. In: ARES (2007)","DOI":"10.1109\/ARES.2007.139"},{"key":"11_CR8","doi-asserted-by":"crossref","unstructured":"Atkins, D., Austein, R.: Threat analysis of the domain name system (DNS). RFC 3833 (2004)","DOI":"10.17487\/rfc3833"},{"key":"11_CR9","unstructured":"Bernstein, D.J., H\u00fclsing, A., K\u00f6lbl, S., Niederhagen, R., Rijneveld, J., Schwabe, P.: The sphincs+ signature framework. In: SIGSAC CCS (2019)"},{"key":"11_CR10","unstructured":"Blanton, E., Paxson, D.V., Allman, M.: TCP congestion control. RFC 5681 (2009)"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Bonica, R., Baker, F., Huston, G., Hinden, B., Tr\u00f8an, O., Gont, F.: IP fragmentation considered fragile. RFC 8900 (2020)","DOI":"10.17487\/RFC8900"},{"key":"11_CR12","doi-asserted-by":"crossref","unstructured":"Bos, J., et al.: Crystals - kyber: a CCA-secure module-lattice-based kem. In: EuroS &P (2018)","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"11_CR13","doi-asserted-by":"crossref","unstructured":"Bush, R., Austein, R.: The Resource Public Key Infrastructure (RPKI) to Router Protocol, Version 1. RFC 8210 (2017)","DOI":"10.17487\/RFC8210"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Cheng, Y., Chu, J., Radhakrishnan, S., Jain, A.: TCP Fast Open. RFC 7413 (2014)","DOI":"10.17487\/rfc7413"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Chu, J., Dukkipati, N., Cheng, Y., Mathis, M.: Increasing tcp\u2019s initial window. RFC 6928 (2013)","DOI":"10.17487\/rfc6928"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"Ducas, L., et al.: Crystals-dilithium: a lattice-based digital signature scheme. IACR TCHES (2018)","DOI":"10.46586\/tches.v2018.i1.238-268"},{"key":"11_CR17","doi-asserted-by":"crossref","unstructured":"Eastlake, D.E., Andrews, M.P.: Domain name system (DNS) cookies. RFC 7873 (2016)","DOI":"10.17487\/RFC7873"},{"key":"11_CR18","doi-asserted-by":"crossref","unstructured":"Goertzen, J., Stebila, D.: Post-quantum signatures in DNSSEC via request-based fragmentation. In: PQCrypto (2023)","DOI":"10.1007\/978-3-031-40003-2_20"},{"key":"11_CR19","doi-asserted-by":"crossref","unstructured":"Herzberg, A., Shulman, H.: Fragmentation considered poisonous, or: One-domain-to-rule-them-all.org. In: IEEE CNS (2013)","DOI":"10.1109\/CNS.2013.6682711"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Honda, M., Nishida, Y., Raiciu, C., Greenhalgh, A., Handley, M., Tokuda, H.: Is it still possible to extend TCP? In: IMC (2011)","DOI":"10.1145\/2068816.2068834"},{"key":"11_CR21","unstructured":"Jeitner, P., Shulman, H.: Injection attacks reloaded: tunnelling malicious payloads over DNS. In: USENIX (2021)"},{"key":"11_CR22","unstructured":"Kaminsky, D.: Black ops: it\u2019s the end of the cache as we know it (2008). https:\/\/www.blackhat.com\/presentations\/bh-jp-08\/bh-jp-08-Kaminsky\/BlackHat-Japan-08-Kaminsky-DNS08-BlackOps.pdf. Accessed 09 Jul 2024"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Kampanakis, P., Lepoint, T.: Vision paper: do we need to change some things? In: SSR (2023)","DOI":"10.1007\/978-3-031-30731-7_4"},{"key":"11_CR24","doi-asserted-by":"crossref","unstructured":"Kaufman, C., Perlman, R., Sommerfeld, B.: Dos protection for UDP-based protocols. In: SIGSAC CCS (2003)","DOI":"10.1145\/948112.948113"},{"key":"11_CR25","unstructured":"Langley, A.: Probing the viability of TCP extensions. https:\/\/www.imperialviolet.org\/binary\/ecntest.pdf. Accessed 25 Jul 2024"},{"key":"11_CR26","doi-asserted-by":"crossref","unstructured":"Lepinski, M., Kent, S.: An Infrastructure to Support Secure Internet Routing. RFC 6480 (2012)","DOI":"10.17487\/rfc6480"},{"key":"11_CR27","doi-asserted-by":"crossref","unstructured":"Man, K., Qian, Z., Wang, Z., Zheng, X., Huang, Y., Duan, H.: DNS cache poisoning attack reloaded: Revolutions with side channels. In: SIGSAC CCS (2020)","DOI":"10.1145\/3372297.3417280"},{"key":"11_CR28","doi-asserted-by":"crossref","unstructured":"Man, K., Zhou, X., Qian, Z.: DNS cache poisoning attack: resurrections with side channels. In: SIGSAC CCS (2021)","DOI":"10.1145\/3372297.3417280"},{"key":"11_CR29","doi-asserted-by":"crossref","unstructured":"Medina, A., Allman, M., Floyd, S.: Measuring interactions between transport protocols and middleboxes. In: IMC (2004)","DOI":"10.1145\/1028788.1028835"},{"key":"11_CR30","doi-asserted-by":"crossref","unstructured":"Moura, G.C.M., M\u00fcller, M., Davids, M., Wullink, M., Hesselman, C.: Fragmentation, truncation, and timeouts: are large DNS messages falling to bits? In: PAM (2021)","DOI":"10.1007\/978-3-030-72582-2_27"},{"key":"11_CR31","doi-asserted-by":"crossref","unstructured":"M\u00fcller, M., de\u00a0Jong, J., van Heesch, M., Overeinder, B., van Rijswijk-Deij, R.: Retrofitting post-quantum cryptography in internet protocols: a case study of DNSSec. In: SIGCOMM CCR (2020)","DOI":"10.1145\/3431832.3431838"},{"key":"11_CR32","unstructured":"Prest, T., et al.: Falcon. tech. rep., national institute of standards and technology (2022). https:\/\/csrc.nist.gov\/Projects\/post-quantum-cryptography\/selected-algorithms-2022"},{"key":"11_CR33","doi-asserted-by":"crossref","unstructured":"Rawat, A.S., Jhanwar, M.P.: Post-quantum DNSSec over UDP via Qname-based fragmentation. In: SPACE (2023)","DOI":"10.1007\/978-3-031-51583-5_4"},{"key":"11_CR34","doi-asserted-by":"crossref","unstructured":"van Rijswijk-Deij, R., Sperotto, A., Pras, A.: DNSSec and its potential for DDoS attacks: a comprehensive measurement study. In: IMC (2014)","DOI":"10.1145\/2663716.2663731"},{"key":"11_CR35","unstructured":"Rose, S., Larson, M., Massey, D., Austein, R., Arends, R.: DNS security introduction and requirements. RFC 4033 (2005)"},{"key":"11_CR36","unstructured":"Rose, S., Larson, M., Massey, D., Austein, R., Arends, R.: Protocol modifications for the DNS security extensions. RFC 4035 (2005)"},{"key":"11_CR37","unstructured":"Rose, S., Larson, M., Massey, D., Austein, R., Arends, R.: Resource records for the DNS security extensions. RFC 4034 (2005)"},{"key":"11_CR38","doi-asserted-by":"crossref","unstructured":"Rossow, C.: Amplification hell: Revisiting network protocols for DDoS abuse. In: NDSS (2014)","DOI":"10.14722\/ndss.2014.23233"},{"key":"11_CR39","doi-asserted-by":"crossref","unstructured":"Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SICOMP (1997)","DOI":"10.1137\/S0097539795293172"},{"key":"11_CR40","doi-asserted-by":"crossref","unstructured":"da\u00a0Silva\u00a0Damas, J., Graff, M., Vixie, P.A.: Extension mechanisms for DNS (EDNS(0)). RFC 6891 (2013)","DOI":"10.17487\/rfc6891"},{"key":"11_CR41","unstructured":"Sivaraman, M., Kerr, S., Song, L.: DNS message fragments. https:\/\/datatracker.ietf.org\/doc\/draft-muks-dns-message-fragments\/00\/"},{"key":"11_CR42","unstructured":"Song, L., Wang, S.: Atr: Additional truncation response for large DNS response. https:\/\/datatracker.ietf.org\/doc\/draft-song-atr-large-resp\/03\/"},{"key":"11_CR43","doi-asserted-by":"crossref","unstructured":"Stebila, D., Mosca, M.: Post-quantum key exchange for the internet and the open quantum safe project. In: SAC (2017)","DOI":"10.1007\/978-3-319-69453-5_2"},{"key":"11_CR44","unstructured":"Van Den\u00a0Broek, G., Van Rijswijk-Deij, R., Sperotto, A., Pras, A.: DNSSec meets real world: dealing with unreachability caused by fragmentation. IEEE Commun. Mag. (2014)"}],"container-title":["Lecture Notes in Computer Science","Progress in Cryptology \u2013 INDOCRYPT 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-80311-6_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T01:03:15Z","timestamp":1733965395000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-80311-6_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,12]]},"ISBN":["9783031803109","9783031803116"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-80311-6_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024,12,12]]},"assertion":[{"value":"12 December 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"INDOCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cryptology in India","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Chennai","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"indocrypt2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}