Re: [Asrg] DNSSEC is NOT secure end to end

Richard Barnes <rbarnes@bbn.com> Tue, 02 June 2009 14:15 UTC

Message-ID: <4A2533B3.7070804@bbn.com>
Date: Tue, 02 Jun 2009 10:14:11 -0400
From: Richard Barnes <rbarnes@bbn.com>
To: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
References: <200905302032.n4UKVxaZ048822@givry.fdupont.fr> <4A21C0CB.8070409@necom830.hpcl.titech.ac.jp> <8EFB68EAE061884A8517F2A755E8B60A1EF83F8661@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com> <4A252B54.6020508@necom830.hpcl.titech.ac.jp>
In-Reply-To: <4A252B54.6020508@necom830.hpcl.titech.ac.jp>
Cc: Christian Huitema <huitema@windows.microsoft.com>, Francis Dupont <Francis.Dupont@fdupont.fr>, Anti-Spam Research Group - IRTF <asrg@irtf.org>, "ietf@ietf.org" <ietf@ietf.org>
Subject: Re: [Asrg] DNSSEC is NOT secure end to end

This debate has nothing to do with the security properties of DNSSEC.

A basic assumption of the DNS is that what the authoritative server for 
a zone says is, well, authoritative.  The structure of DNS itself entitles 
JPNIC to point ac.jp wherever they want; by using a name within the .jp 
domain, you are agreeing to act within JPNIC's domain of control.  JPNIC 
could set up an authoritative server for hpcl.titech.ac.jp completely 
independently of you, regardless of DNSSEC, and from the perspective of 
the DNS, that would be the right answer.

All DNSSEC does is make the assertions made in the DNS reliable -- it 
does nothing to change the locus of control.

On the other hand, you can certainly use the DNSSEC protocol elements to 
do peer-to-peer security, just like you can use private DNS servers, and 
just like you can use TLS without trust anchors (i.e., with self-signed 
certs).  Just hand out the public half of your ZSK to people you want to 
be able to verify names within your zone.

--Richard



Masataka Ohta wrote:
> Christian Huitema wrote:
> 
>>> That is, security of DNSSEC involves third parties and is not end
>>> to end.
> 
>> That is indeed correct. An attacker can build a fake hierarchy of
>> "secure DNS" assertions and try to get it accepted. The attack can
>> succeed with the complicity of one of the authorities in the
>> hierarchy. It is a classic "attack by a trusted party".
> 
> Yes, the hierarchy has hops.
> 
> For my domain: "necom830.hpcl.titech.ac.jp", the hierarchy of zones
> has hops of ".", "jp", "ac.jp", "titech.ac.jp" and
> "hpcl.titech.ac.jp". The authority hops are IANA, JPNIC, my
> university, and my lab. Though you may have direct relationship
> with IANA, JPNIC is the third party for both you and me.
> 
>> If an intermediate authority has
>> been compromised, it can just as well insert a fake NS record --
>> that's not harder than a fake record signature.
> 
> So, with a compromised hop of an intermediate authority, record
> signature on the faked next hop key can be generated.
> 
> Then, with a private key corresponding to the faked next hop key,
> record signature on the faked second next hop key can be generated.
> 
> Then, with a private key corresponding to the faked second next
> hop key, record signature on the faked third next hop key can be
> generated.
> 
> Yes, security of DNSSEC is totally hop by hop.
> 
> 							Masataka Ohta
> 
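An added example, not from this thread, that models the two validator configurations the message contrasts: a trust anchor at the root, which accepts whatever the hops above a zone have signed, and the zone's own key handed out directly, which ignores those hops. It is a toy: zone keys are stdlib-only Lamport signatures rather than DNSSEC's algorithms, the "DS" is a plain hash of the child key, and every name, key and record below is constructed here.

```python
import hashlib, secrets

H = lambda data: hashlib.sha256(data).digest()

# Toy Lamport (hash-based) signatures, standard library only. One private key
# signs exactly one message, so each zone holds a small bundle, used in order.
def keygen(n=4):
    priv = [[(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)] for _ in range(n)]
    return {"priv": priv, "pub": [[(H(a), H(b)) for a, b in k] for k in priv], "used": 0}

def sign(key, msg):
    i = key["used"]; key["used"] += 1          # a one-time key is never reused
    bits = int.from_bytes(H(msg), "big")
    return i, [key["priv"][i][j][(bits >> (255 - j)) & 1] for j in range(256)]

def verify(pub, msg, sig):
    i, s = sig
    bits = int.from_bytes(H(msg), "big")
    return i < len(pub) and all(H(s[j]) == pub[i][j][(bits >> (255 - j)) & 1] for j in range(256))

def key_hash(pub):  # DS-style digest of a zone's public key bundle
    return H(b"".join(a + b for k in pub for a, b in k))

def parent(name):
    return "." if "." not in name else name.split(".", 1)[1]

def validate(anchor, chain, target, record, record_sig):
    """Walk from anchor (name, pub) down to target: each hop's key must carry a
    signature by the hop above it. chain maps zone name -> (pub, parent_sig)."""
    name, pub = anchor
    hops, cur = [], target
    while cur != name:                          # hops strictly below the anchor
        if cur == ".":
            return False                        # anchor is not above the target
        hops.append(cur); cur = parent(cur)
    for hop in reversed(hops):
        if hop not in chain or not verify(pub, key_hash(chain[hop][0]), chain[hop][1]):
            return False
        pub = chain[hop][0]
    return verify(pub, record, record_sig)      # only the zone's own key signs data

# Constructed hierarchy from the thread; every key here is generated locally.
NAMES = [".", "jp", "ac.jp", "titech.ac.jp", "hpcl.titech.ac.jp"]
KEYS = {n: keygen() for n in NAMES}
CHAIN = {c: (KEYS[c]["pub"], sign(KEYS[p], key_hash(KEYS[c]["pub"]))) for p, c in zip(NAMES, NAMES[1:])}
TARGET = NAMES[-1]
RECORD = b"necom830.hpcl.titech.ac.jp. A 192.0.2.1"   # constructed RR, RFC 5737 address
RECORD_SIG = sign(KEYS[TARGET], RECORD)
ROOT_ANCHOR = (".", KEYS["."]["pub"])        # trust the whole hierarchy from the root down
ZSK_ANCHOR = (TARGET, KEYS[TARGET]["pub"])   # the zone's key handed out directly

def rekeyed_below(hop):
    """Thread's scenario: the authority for `hop` signs a DS for a key it chose,
    which re-signs everything beneath it. Returns the altered chain and leaf sig."""
    chain, signer = dict(CHAIN), KEYS[hop]
    for n in NAMES[NAMES.index(hop) + 1:]:
        k = keygen()
        chain[n] = (k["pub"], sign(signer, key_hash(k["pub"])))
        signer = k
    return chain, sign(signer, RECORD)
```

A root-anchored validator accepts the rekeyed chain because every hop signature checks out; a validator holding the zone's own key rejects it, since no hop above the anchor is consulted and the substituted leaf key does not match.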