Re: [Asrg] DNSSEC is NOT secure end to end

Thierry Moreau <thierry.moreau@connotech.com> Tue, 02 June 2009 14:11 UTC

Message-ID: <4A253289.3020000@connotech.com>
Date: Tue, 02 Jun 2009 09:09:13 -0500
From: Thierry Moreau <thierry.moreau@connotech.com>
To: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
References: <200905302032.n4UKVxaZ048822@givry.fdupont.fr> <4A21C0CB.8070409@necom830.hpcl.titech.ac.jp> <8EFB68EAE061884A8517F2A755E8B60A1EF83F8661@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com> <4A252B54.6020508@necom830.hpcl.titech.ac.jp>
In-Reply-To: <4A252B54.6020508@necom830.hpcl.titech.ac.jp>
Cc: Christian Huitema <huitema@windows.microsoft.com>, Francis Dupont <Francis.Dupont@fdupont.fr>, Anti-Spam Research Group - IRTF <asrg@irtf.org>, "ietf@ietf.org" <ietf@ietf.org>
Subject: Re: [Asrg] DNSSEC is NOT secure end to end

Masataka Ohta wrote:

> Christian Huitema wrote:
>
>>> That is, security of DNSSEC involves third parties and is not end
>>> to end.
>
>> That is indeed correct. An attacker can build a fake hierarchy of
>> "secure DNS" assertions and try to get it accepted. The attack can
>> succeed with the complicity of one of the authorities in the
>> hierarchy. It is a classic "attack by a trusted party".
>
> Yes, the hierarchy has hops.
>
> For my domain: "necom830.hpcl.titech.ac.jp", the hierarchy of zones
> has hops of ".", "jp", "ac.jp", "titech.ac.jp" and
> "hpcl.titech.ac.jp". The authority hops are IANA, JPNIC, my
> university, and my lab. Though you may have a direct relationship
> with IANA, JPNIC is the third party for both you and me.
>

This is exactly like a chain of PKI CAs (replacing the path from bottom 
to top of the zone hierarchy):

   For my [end-user administrative units], [the chain of CAs] has hops of 
   [CA run by IANA], [CA run by JPNIC], [CA run by my university], and 
   [CA run by my lab].

I don't know what is meant by a direct relationship with IANA.

> 
>>If an intermediate authority has
>>been compromised, it can just as well insert a fake NS record --
>>that's not harder than a fake record signature.
> 
> 
> So, with a compromised hop of an intermediate authority, record
> signature on the faked next hop key can be generated.
> 

Exactly the same with a compromised intermediate CA.

> Then, with a private key corresponding to the faked next hop key,
> record signature on the faked second next hop key can be generated.
> 

Exactly the same with a private key corresponding to the next 
intermediate CA along the chain (i.e. the one certified by the 
compromised CA).

> Then, with a private key corresponding to the faked second next
> hop key, record signature on the faked third next hop key can be
> generated.
> 

Same thing.

> Yes, security of DNSSEC is totally hop by hop.
> 

Thus, you imply a definition of hop by hop along digital signature 
relationships. Indeed, DNSSEC security is limited to the weakest link 
along the chain from the bottom to the top of the DNS hierarchy. Nothing 
new there. I don't think any DNSSEC expert ever claimed differently.

Regards,

- Thierry Moreau

> Masataka Ohta
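The hop-by-hop property the two posters agree on can be made concrete with a small validator model. This is an added example, not code from the thread or from any DNSSEC implementation: textbook RSA on tiny fixed primes stands in for real DNSKEY algorithms, the zone names follow Ohta's example, and the leaf record is constructed. It goes one step beyond the thread by letting the validator start from a locally configured trust anchor at any zone (as real validators allow), which shows how the set of third parties a validation depends on shrinks when the anchor sits closer to the leaf.

```python
import hashlib, math
# Added toy model, not the thread's own code: textbook RSA on tiny fixed primes
# stands in for real DNSKEY algorithms; zones, keys and the record are constructed.
PRIMES = [1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049, 1051, 1061]
ZONES = [".", "jp", "ac.jp", "titech.ac.jp", "hpcl.titech.ac.jp"]
RECORD = "necom830.hpcl.titech.ac.jp A 192.0.2.1"  # constructed sample RR

def keygen(p, q):  # -> (public (n, e), private (n, d))
    n, phi, e = p * q, (p - 1) * (q - 1), 17
    while math.gcd(e, phi) != 1:
        e += 2
    return (n, e), (n, pow(e, -1, phi))

def _h(data, n):  # SHA-256 of the data, reduced into the modulus
    return int(hashlib.sha256(data.encode()).hexdigest(), 16) % n

def sign(priv, data):
    return pow(_h(data, priv[0]), priv[1], priv[0])

def verify(pub, data, sig):
    return pow(sig, pub[1], pub[0]) == _h(data, pub[0])

def ds(pub):  # DS record: digest of a child's DNSKEY, published by the parent
    return hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).hexdigest()

def build_chain(zones):
    """Root-first hops: (zone, dnskey, child_ds, rrsig over child_ds by this zone)."""
    keys = {z: keygen(*PRIMES[2 * i:2 * i + 2]) for i, z in enumerate(zones)}
    hops = []
    for z, child in zip(zones, zones[1:] + [None]):
        d = ds(keys[child][0]) if child else None
        hops.append((z, keys[z][0], d, sign(keys[z][1], f"{child}|{d}") if child else None))
    return hops, keys

def validate(anchor, hops, record, record_sig):
    """Walk from the locally configured trust anchor (zone, dnskey) down to the
    leaf; return the zones whose keys the acceptance depends on, or None."""
    depends, parent = [], None
    for hop in hops:
        zone, pub = hop[0], hop[1]
        if parent is None:  # still above the anchor: skip until we reach it
            if zone != anchor[0]:
                continue
            if pub != anchor[1]:
                return None
        elif parent[2] != ds(pub) or not verify(parent[1], f"{zone}|{ds(pub)}", parent[3]):
            return None  # the parent hop does not vouch for this key
        depends.append(zone)
        parent = hop
    return depends if parent and verify(parent[1], record, record_sig) else None
```

With the root key as anchor, `validate` returns all five zones, i.e. every authority whose key the answer rests on; anchored at titech.ac.jp it returns only the last two. Each hop is checked solely against its parent's signature over the DS, which is exactly the weakest-link, hop-by-hop property the thread describes.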