RHINE - Robust and High-performance Internet Naming with E2E Authenticity

Explore a conference talk presenting RHINE, a secure-by-design Internet naming system that addresses the vulnerabilities of DNS and DNSSEC. Learn how RHINE achieves end-to-end authentication, offloads zone delegation authentication to an end-entity PKI, and introduces Delegation Transparency for a robust trust model. Discover how this innovative approach can withstand compromises of all but one trusted entity and counter threats from superordinate zones. Gain insights into the formal verification of RHINE's security properties using the Tamarin prover and its practical implementation advantages demonstrated through a prototype.