Re: [dane] Manipulation of DNSSEC by US government possible? (was Re: Comments on draft-wouters-dane-openpgp-02)
Rene Bartsch <ietf@bartschnet.de> Thu, 31 July 2014 10:37 UTC
Return-Path: <ietf@bartschnet.de>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D69971A01C6 for <dane@ietfa.amsl.com>; Thu, 31 Jul 2014 03:37:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level:
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VzcntCF7kMJe for <dane@ietfa.amsl.com>; Thu, 31 Jul 2014 03:37:04 -0700 (PDT)
Received: from triangulum.uberspace.de (triangulum.uberspace.de [95.143.172.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56D6B1A0AAE for <dane@ietf.org>; Thu, 31 Jul 2014 03:37:02 -0700 (PDT)
Received: (qmail 23195 invoked from network); 31 Jul 2014 10:37:00 -0000
Received: from localhost (HELO www.bartschnet.de) (127.0.0.1) by triangulum.uberspace.de with SMTP; 31 Jul 2014 10:37:00 -0000
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Content-Transfer-Encoding: 7bit
Date: Thu, 31 Jul 2014 12:36:59 +0200
From: Rene Bartsch <ietf@bartschnet.de>
To: dane@ietf.org
In-Reply-To: <20140730132106.432C11B1536F@rock.dv.isc.org>
References: <1d002b9795bf8f9946f1375fef78abd6@triangulum.uberspace.de> <alpine.LFD.2.10.1407280941250.30319@bofh.nohats.ca> <e2a23385d5698a1022b201915817ed40@triangulum.uberspace.de> <1B773935-7CE3-4507-A196-EAC4D7B21C5F@ogud.com> <0af38c6c3987f9537d16a7c20f517665@triangulum.uberspace.de> <CFFE5FC9.4D653%gwiley@verisign.com> <20140730132106.432C11B1536F@rock.dv.isc.org>
Message-ID: <9442c2a6edad0cdc971e78aaa4b50b70@triangulum.uberspace.de>
X-Sender: ietf@bartschnet.de
User-Agent: Roundcube Webmail/1.0.1
Archived-At: http://mailarchive.ietf.org/arch/msg/dane/oZDFsJBCDJNLnzE4K7npKCzYmGI
Subject: Re: [dane] Manipulation of DNSSEC by US government possible? (was Re: Comments on draft-wouters-dane-openpgp-02)
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Jul 2014 10:37:09 -0000
Am 2014-07-30 15:21, schrieb Mark Andrews: > In message <CFFE5FC9.4D653%gwiley@verisign.com>, "Wiley, Glen" writes: >> Renne, >> >> While it is technically true that the holder of the trust anchor could >> alter key material it would be impossible to accomplish unnoticed. In >> order for a trust anchor to change your zone (say by changing an A >> record) >> they would have to create a new private key (and corresponding public >> key) >> then sign the altered RR set. >> >> Your DNS key signing and zone signing keys should be protected with as >> much diligence as your private signing and encryption keys. >> >> It is as though a locksmith would have to change the locks on a house >> in >> order to open the door. Sure they can do it but the homeowner will >> notice >> immediately when their keys no longer work. My analogy breaks down if >> you >> take it too far, but I hope it conveys the point. >> >> I am far more worried about vectors that can be leveraged passively >> and >> unobtrusively. >> >> I agree that we should be open about DNSSEC/DANE however the holder of >> the >> trust anchor can not manipulate the DNS without being detected. > > If one can intecept the packets one could fake up a world view. > This would be detectable if you have trust anchors for the parts > of the world being faked. > > If one can't intercept the packets it will be almost certainly be > detected. > > Maintaining a set trust anchors for all the TLD's would defeat most > of the threat. A state agency would have to compromise multiple > tlds to pull this off not just the root. I have the following attack in mind: An attacker (Mallory) with access to the trust anchor keys runs a man-in-the-middle attack on sender and recipient. He forges the OPENPGPKEY RRs, the ZSK-RRs and KSK-RRs of the sender and recipient domains and the TLDs but uses the current origin keys of the trust anchor to sign the forged DNSSEC RRs. Alice gets the OPENPGPKEY 1 of Mallory as Bob's and Bob gets the OPENPGPKEY 2 of Mallory as Alice's via DANE. Alice -> OPENPGPKEY 1 of Mallory -> Mallory -> OPENPGPKEY of Bob -> Bob Bob -> OPENPGPKEY 2 of Mallory -> Mallory -> OPENPGPKEY of Alice -> Alice Unless Alice and Bob do not accidentially compare their public OpenPGP keys manually they won't realize the attack. It seems DNSSEC/DANE helps against most hackers and attackers but cannot protect from attackers which have access to both the trust anchor keys and routing infrastructure. Do the DNSSEC RFCs allow to distribute public KSKs of TLDs with resolver software? Renne -- Best regards, Rene Bartsch, B. Sc. Informatics
- [dane] Comments on draft-wouters-dane-openpgp-02 Rene Bartsch
- Re: [dane] Comments on draft-wouters-dane-openpgp… Paul Wouters
- Re: [dane] Comments on draft-wouters-dane-openpgp… Paul Wouters
- Re: [dane] Comments on draft-wouters-dane-openpgp… Martin Rex
- [dane] Manipulation of DNSSEC by US government po… Rene Bartsch
- Re: [dane] Comments on draft-wouters-dane-openpgp… Viktor Dukhovni
- Re: [dane] Manipulation of DNSSEC by US governmen… Paul Wouters
- Re: [dane] Manipulation of DNSSEC by US governmen… Nico Williams
- Re: [dane] Manipulation of DNSSEC by US governmen… Olafur Gudmundsson
- Re: [dane] Manipulation of DNSSEC by US governmen… Rene Bartsch
- Re: [dane] Manipulation of DNSSEC by US governmen… Wiley, Glen
- Re: [dane] Manipulation of DNSSEC by US governmen… Mark Andrews
- Re: [dane] Manipulation of DNSSEC by US governmen… Rene Bartsch
- Re: [dane] Manipulation of DNSSEC by US governmen… Mark Andrews
- Re: [dane] Manipulation of DNSSEC by US governmen… Paul Wouters
- Re: [dane] Manipulation of DNSSEC by US governmen… Rene Bartsch
- Re: [dane] Manipulation of DNSSEC by US governmen… John Gilmore
- Re: [dane] Manipulation of DNSSEC by US governmen… Paul Wouters
- Re: [dane] Manipulation of DNSSEC by US governmen… Stephen Kent
- Re: [dane] Manipulation of DNSSEC by US governmen… Nico Williams