Currently blocked by another student
DNS is widely used to translate human readable domain names to IP addresses. However, this is not the only use case for DNS, as there are more record types than just addresses (A, AAAA, MX). It is also possible to store security related information within a DNS record. This can include simple information, for example which CAs are allowed to issue certificates for this domain (CAA) but can also include whole certificates (CERT) or keys (DNSKEY, IPSECKEY, OPENPGPKEY, SSHFP). Additionally, TXT records are used for various data for which no dedicated type exists. These can be used to verify ownership of a domain name (c.f. ACME DNS Challenge) or to store further security related information (e.g. SPF, ESNI).
The goal of this thesis is to analyze which security related records are used in the DNS ecosystem. It should be analyzed whether the existing records are configured correctly and securely, as well as categorizing misconfigurations. Furthermore, it should be analyzed whether there are furhter records containing information which may not be intended for the public.
Another challenge of this work is iterating the existing domains. There exist no list of all domains and due to their arbitrary nature they cannot be simply iterated like IPv4. However, CT logs, git commits, or web crawling can be used to find domains to analyze.
Suggested DNS records to analyze:
- RRSIG, DNSKEY, DS (dnssec)
- OPENPGPKEY (requires emails)
- TXT: (in general,) SPF, DKIM, ESNI
- Good programming skills
- Basic experience in analyzing large data sets
- Basic knowledge of DNS
- Basic knowledge of cryptography