Quantum computing is threatening current cryptography, especially the asymmetric algorithms used in many Internet protocols. More secure algorithms, colloquially referred to as Post-Quantum Cryptography (PQC), are under active development. These new algorithms differ significantly from current ones. They can have larger signatures or keys, and often require more computational power. This means we cannot just replace existing algorithms by PQC alternatives, but need to evaluate if they meet the requirements of the Internet protocols that rely on them. In this paper we provide a case study, analyzing the impact of PQC on the Domain Name System (DNS) and its Security Extensions (DNSSEC). In its main role, DNS translates human-readable domain names to IP addresses and DNSSEC guarantees message integrity and authenticity. DNSSEC is particularly challenging to transition to PQC, since DNSSEC and its underlying transport protocols require small signatures and keys and efficient validation. We evaluate current candidate PQC signature algorithms in the third round of the NIST competition on their suitability for use in DNSSEC. We show that three algorithms, partially, meet DNSSEC's requirements but also show where and how we would still need to adapt DNSSEC. Thus, our research lays the foundation for making DNSSEC, and protocols with similar constraints ready for PQC.

中文翻译：

---

在互联网协议中改造后量子密码学

量子计算正在威胁当前的密码学，尤其是在许多 Internet 协议中使用的非对称算法。更安全的算法，俗称后量子密码学 (PQC)，正在积极开发中。这些新算法与当前算法有很大不同。它们可以有更大的签名或密钥，并且通常需要更多的计算能力。这意味着我们不能仅仅用 PQC 替代方案替换现有算法，而是需要评估它们是否满足依赖它们的 Internet 协议的要求。在本文中，我们提供了一个案例研究，分析了 PQC 对域名系统 (DNS) 及其安全扩展 (DNSSEC) 的影响。在其主要作用中，DNS 将人类可读的域名转换为 IP 地址，而 DNSSEC 保证消息的完整性和真实性。DNSSEC 过渡到 PQC 尤其具有挑战性，因为 DNSSEC 及其底层传输协议需要小的签名和密钥以及有效的验证。我们评估了 NIST 第三轮竞赛中当前候选 PQC 签名算法在 DNSSEC 中的适用性。我们展示了三种算法，部分地满足了 DNSSEC 的要求，但也展示了我们仍然需要在哪里以及如何调整 DNSSEC。因此，我们的研究为使 DNSSEC 和具有类似约束的协议为 PQC 做好准备奠定了基础。的要求，但也显示了我们仍然需要在哪里以及如何调整 DNSSEC。因此，我们的研究为使 DNSSEC 和具有类似约束的协议为 PQC 做好准备奠定了基础。的要求，但也显示了我们仍然需要在哪里以及如何调整 DNSSEC。因此，我们的研究为使 DNSSEC 和具有类似约束的协议为 PQC 做好准备奠定了基础。