This site is fictional demo content. It is not real news or affiliated with any real organization. Do not treat it as fact or professional advice.

NextPaper Logo
nextpaper.ccCYBER CHRONICLE
RSS
EN中文

Full article

FULL TEXT

View this issue
HeadlineINTERNET

Quantum-Safe Domain Name System QDNS Approved by ICANN: Internet DNS Completes Post-Quantum Upgrade

ICANN officially approves QDNS standard, upgrading global DNS encryption from RSA and elliptic curve to lattice-based cryptography to prevent future quantum computer attacks

Quantum-Safe Domain Name System QDNS Approved by ICANN

On March 18, 2029, the Internet Corporation for Assigned Names and Numbers (ICANN) officially approved the QDNS (Quantum-safe Domain Name System) standard, marking the beginning of a historic migration of global internet infrastructure to post-quantum cryptography. QDNS replaces the RSA-2048 and ECDSA encryption algorithms in the Domain Name System with the lattice-based CRYSTALS-Dilithium scheme.

The background for this upgrade is the rapid advancement of quantum computing technology. While current state-of-the-art quantum computers cannot yet crack RSA-2048, the cryptography community broadly agrees that quantum computers with this capability could emerge by around 2035. Since DNS is the foundation of all internet communication, its encryption upgrade must be completed well in advance.

ICANN Security and Stability Advisory Committee (SSAC) member Paul Hoffman said: "The domain name system is the internet's trust anchor. If DNS is compromised, HTTPS certificate verification, email security, and DNSSEC signatures all lose their foundation. QDNS is not a preventive measure — it is a necessary infrastructure update."

QDNS deployment will proceed in three phases: testing on root name servers in the second half of 2029; covering major top-level domains like .com and .net in 2030; and completing global domain migration by the end of 2031. A dual-stack transition approach will be used during the process, supporting both traditional and QDNS algorithms to ensure backward compatibility.

Cloudflare and Google Public DNS have announced they will be the first to support QDNS resolution in Q3 2029. Cloudflare's cryptography lead Nick Sullivan said: "Our DNS servers will respond to both traditional and QDNS queries starting this summer. Users won't notice any changes — this is a bottom-layer upgrade that is completely transparent to users."

However, cybersecurity researcher Matthew Green noted that QDNS's lattice-based cryptographic signatures are approximately 10 times larger than traditional algorithms, which will increase DNS response packet sizes and may impact bandwidth-constrained IoT devices and low-speed network connections.