Differences between DNSCurve and DNSSEC

Differences that favor DNSSEC

• DNSSEC can in theory protect DNS data if an attacker compromises the domain's nameservers IF the administrator generates keys and signatures on a separate computer that is not compromised. In practice, domain owners don't do this.

Differences that favor DNSCurve

• DNSCurve is encrypted. DNSSEC is not encrypted.
• DNSCurve uses Curve25519-based public-key encryption. DNSSEC uses RSA public-key signatures.
• DNSCurve has a 128-bit security level. DNSSEC has an 80-bit security level.
• DNSCurve requires zero additional packets. DNSSEC requires more than 50% more packets.
• DNSCurve requires no new record types. DNSSEC requires DS, DNSKEY, DLV, TLSA, RRSIG, NSEC, NSEC3, NSEC3PARAM.
• DNSCurve requires no new registrar interfaces. DNSSEC requires new registrar interfaces for every registrar that supports DNSSEC.
• DNSCurve is immune to replay attacks. DNSSEC is vulnerable to replay attacks.
• DNSCurve leaks nothing. DNSSEC leaks zone contents through NSEC/NSEC3.
• DNSCurve resists network censorship. DNSSEC has no protection against censorship.
• DNSCurve increases packet sizes slightly. DNSSEC increases packet sizes significantly.
• DNSCurve is not a DDoS source. DNSSEC is a DDoS source.
• DNSCurve is safe to use. DNSSEC is a major outage risk.
• DNSCurve uses state-of-the-art cryptography. DNSSEC uses obsolete crypto from the 1990s.
• DNSCurve is not a PKI. DNSSEC is meant to be a PKI controlled by attackers (world governments).