Neustar, Inc. announced today that it has implemented Domain Name Security Extensions (DNSSEC) in the .US country-code top level domain registry.

The technology uses public key cryptography and digital signatures to protect the Domain Name System (DNS) from attacks that hijack and redirect domain name requests. One such attack, called “cache poisoning,” inserts a fake address record for an Internet domain. If the fake record is accepted, the cache is “poisoned” and subsequent requests for the legitimate domain will be redirected to the fraudulent site.

“This is an important step for Neustar, and gives .US domain name holders a significant way to differentiate their businesses,” said Tim Switzer, vice president of registry services at Neustar. “.US now stands for unprecedented Internet security.”

Neustar has operated the .US registry since 2001 under an agreement with the U.S. Department of Commerce.

The authorization to apply DNSSEC came in October of this year from the U.S. Department of Commerce. Neustar signed the .US zone earlier this month, and will encourage domain name registrars and registrants to incorporate a digital signature into their domain records beginning in early 2010.

“This keeps Neustar at the forefront of a secure Internet,” said Rodney Joffe, senior vice president and senior technologist at Neustar. “DNSSEC means a more secure and reliable domain name system because its extensions provide origin authentication of DNS data, data integrity and authenticated denial of existence.”

This move by Neustar supports the internet-wide plan to implement DNSSEC at the root zone level.

“The Internet plays a vital role in our nation’s economy, and cybersecurity is a paramount concern,” said Lawrence E. Strickling, Assistant Secretary for Communications and Information at the Department of Commerce. “We are pleased that DNSSEC has been implemented in the .US domain, which complements work already under way to implement DNSSEC at the root zone level in the near future.”