Question re prevention of enumeration with DNSSEC (NSEC3, etc.)

Amir Herzberg amir.lists at
Sat May 7 00:58:51 UTC 2022

Hi NANOGers,

I have a small question re DNSSEC `proof of non-existence' records: NSEC,
NSEC3 and the (dead?) NSEC5 proposal.

<begin background (probably known to all/most):> NSEC3 was motivated as a
method to prevent zone enumeration, then Bernstein showed its defense is
pretty weak. RFC7129 (White Lies) prevents this enumeration attack but
requires online signing with the zone's key, which introduces another
vulnerability and, of course, overhead of online-signing. NSEC5 was
proposed to prevent enumeration without online signing, so arguably more
secure than RFC7129, but has comparable online overhead and appears `dead';
the I-D expired (last update July'17).

Note that NSEC3 also supports `opt-out', which reduces overhead for
adoptions in domains with many non-adopting ASes, and I believe is not
supported by NSEC.
<end background>

- Do you find zone enumeration a real concern?
- Do you think the white-lies countermeasure is sufficient and fine, or do
you have security and/or performance concern (or just think it's
- and the final question... would you think an alternative to NSEC5 which
will be more efficient and simpler would be of potential practical
importance, or just a nice academic `exercise'?

I'm really unsure about these questions - esp. the last one - and your
feedback may help me decide on the importance of this line of research.
Just fun or of possible practical importance?

thanks and peace, Amir
Amir Herzberg

Comcast professor of Security Innovations, Computer Science and
Engineering, University of Connecticut
`Applied Introduction to Cryptography' textbook and lectures:
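The weakness of NSEC3 against enumeration that the background paragraph refers to comes down to the hash being an offline, guessable function of the owner name. The following is an added example, not part of the message above nor code by its author: it implements the NSEC3 owner-name hash of RFC 5155 section 5 (SHA-1 over the canonical wire-format name, salted and iterated, base32hex output) and then runs the offline dictionary attack against a constructed zone. The zone name `example.`, the NSEC3PARAM values (salt `aabbccdd`, 12 iterations), the list of names in the zone and the wordlist are all assumptions constructed for the demonstration; in a real attack the hashes would be harvested by walking the NSEC3 chain with ordinary queries.

```python
import base64
import hashlib

# Base32 with the "extended hex" alphabet (RFC 4648 section 7), which RFC 5155
# mandates for NSEC3 owner names. Python 3.10+ has base64.b32hexencode; the
# translation table below works on older versions as well.
_B32_STD = b"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
_B32_HEX = b"0123456789ABCDEFGHIJKLMNOPQRSTUV"
_TO_HEX = bytes.maketrans(_B32_STD, _B32_HEX)


def wire_name(name: str) -> bytes:
    """Canonical wire form of an owner name (RFC 4034 section 6.2):
    lowercase, each label prefixed by its length byte, root label last."""
    labels = [lab for lab in name.lower().rstrip(".").split(".") if lab]
    out = b""
    for label in labels:
        raw = label.encode("ascii")
        if len(raw) > 63:
            raise ValueError("label too long: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def nsec3_hash(name: str, salt: bytes, iterations: int) -> str:
    """NSEC3 hash per RFC 5155 section 5, hash algorithm 1 (SHA-1):
    IH(salt, x, 0) = H(x || salt);  IH(salt, x, k) = H(IH(salt, x, k-1) || salt).
    Each guess costs (iterations + 1) SHA-1 calls, so iterations only scale the
    attacker's work linearly. Returns 20 bytes as 32 base32hex characters."""
    digest = hashlib.sha1(wire_name(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base64.b32encode(digest).translate(_TO_HEX).decode("ascii").lower()


# --- constructed zone (assumptions for the demo, not real data) -------------
ZONE = "example."
SALT = bytes.fromhex("aabbccdd")   # assumed NSEC3PARAM salt
ITERATIONS = 12                    # assumed NSEC3PARAM iteration count
_ZONE_NAMES = ["example.", "www.example.", "mail.example.", "ns1.example.",
               "q7z-internal-2019.example."]   # last one is not guessable
WORDLIST = ["www", "mail", "ftp", "ns1", "ns2", "admin", "vpn", "dev"]


def nsec3_chain(names, salt, iterations):
    """What a chain walk reveals: the sorted hashed owner names, no plaintext."""
    return sorted(nsec3_hash(n, salt, iterations) for n in names)


def dictionary_attack(hashed_owners, zone, salt, iterations, wordlist):
    """Offline guess-and-check: hash each candidate under the zone's
    NSEC3PARAM and look it up in the harvested set. No DNS queries needed.
    Returns {hash: recovered_name}."""
    targets = set(hashed_owners)
    found = {}
    # The apex always has an NSEC3 record, so it is a free first guess.
    for candidate in [zone] + ["%s.%s" % (w, zone) for w in wordlist]:
        h = nsec3_hash(candidate, salt, iterations)
        if h in targets:
            found[h] = candidate
    return found


def demo():
    chain = nsec3_chain(_ZONE_NAMES, SALT, ITERATIONS)
    recovered = dictionary_attack(chain, ZONE, SALT, ITERATIONS, WORDLIST)
    return chain, recovered


if __name__ == "__main__":
    chain, recovered = demo()
    print("%d hashed owners harvested, %d recovered offline:" % (len(chain), len(recovered)))
    for h, n in sorted(recovered.items()):
        print("  %s  %s" % (h, n))
    print("%d name(s) survive only because they are not in the wordlist"
          % (len(chain) - len(recovered)))
```

The point the example makes concrete: once the hashes are harvested, guessing is offline and embarrassingly parallel, and the salt and iteration count only raise the per-guess cost for the attacker by the same factor they raise it for every validating resolver (which is why RFC 9276 now recommends zero iterations and an empty salt). Names that are not in any wordlist, like the constructed `q7z-internal-2019` label, stay hidden; everything with a predictable label does not. To compare the hash function against a known vector, `nsec3_hash("example.", bytes.fromhex("aabbccdd"), 12)` can be checked against the apex NSEC3 owner name in Appendix A of RFC 5155, which uses those parameters.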