Table of Contents

KeyTrap


KeyTrap is a vulnerability in the DNSSEC specification that allows for hackers to enact denial-of-service attacks using a single DNS packet. KeyTrap is also denoted as CVE-2023-50387.

Terms and Definitions

DNS

DNS1) (Domain Name System) is a system in computer networking that maps domain names, such as 

wiki.charles.systems

to the IP addresses of the physical machines hosting websites, such as 

188.114.96.3

DNS is a core part of how the internet functions. Initially a manually-moderated text file mapping domains to IPs, DNS eventually grew into a distributed network of domain-resolving machines.2)

DNSSEC

DNSSEC3) (Domain Name System Security Extensions) is a series of extensions to DNS that serve to cryptographically authenticate the origins of data sent via DNS.

Vulnerability Overview

Todo

Section 2

Todo

1)
https://datatracker.ietf.org/doc/html/rfc1035
2)
https://datatracker.ietf.org/doc/html/rfc3467
3)
https://datatracker.ietf.org/doc/html/rfc9364

Trace: KeyTrap

Print/export
QR Code
QR Code KeyTrap (generated for current page)