Post-quantum Algorithm Testing and Analysis for the DNS

To empirically investigate the impact of post-quantum algorithms on DNSSEC, SIDN Labs started the project PATAD (Post-quantum Algorithm Testing and Analysis for the DNS). Its goal is to develop a testbed that enables us to protype, evaluate, and benchmark various post-quantum algorithms in DNSSEC, not just for SIDN, but for other organisations as well.

As the project evolves we will continue to publish more information. Meanwhile you can read about our work on post-quantum DNSSEC in the following publications:

Run your own PATAD testbed

We published the components and instructions to run your own PQC testbed on your own computer at https://github.com/SIDN/pqc-testbed.

The following screencast shows a full-stack example of our testbed with SQIsign (root), MAYO (.nl) and Falcon (sidnlabs.nl).

Developing PATAD components

The script to build containers for the PATAD testbed are published at github currently we have two PQC-ready components pqc-resolver-powerdns and pqc-auth-powerdns that contain a version of PowerDNS with the PQC algorithms Falcon, SQIsign, and MAYO. We encourage you to use these examples to build you own PATAD components.

Publications

Other work on PQC in the DNS