IETF Logo Mail Archive

Re: [DNSOP] [Ext] TKEY and MD5

Donald Eastlake <d3e3e3@gmail.com> Tue, 21 December 2021 04:13 UTC

Return-Path: <d3e3e3@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF1CA3A1128 for <dnsop@ietfa.amsl.com>; Mon, 20 Dec 2021 20:13:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fgr-IZP8gvBf for <dnsop@ietfa.amsl.com>; Mon, 20 Dec 2021 20:13:02 -0800 (PST)
Received: from mail-io1-xd2b.google.com (mail-io1-xd2b.google.com [IPv6:2607:f8b0:4864:20::d2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F06273A1127 for <dnsop@ietf.org>; Mon, 20 Dec 2021 20:13:01 -0800 (PST)
Received: by mail-io1-xd2b.google.com with SMTP id q72so16015966iod.12 for <dnsop@ietf.org>; Mon, 20 Dec 2021 20:13:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=OedSJIYMLQHVmDnFSuI+esiD2JNGoXRYDhy0whkKztE=; b=glx+mk47miF8ungyCsBa/6Y7KfaPtycCgGNCsyYnT7qAfB03Q1tCfOAIPYwuJ4tFUT qLE237VSmFqSaeKBr78rPP20wHzr8uqRboxTyIacJNCuwraHg0KVGS3ut7Ywyzhc2Kq8 JCt6FOnRP0MBbHSmAz923xwPQtWQb6THejEn6CZh8wFwWGvvEYqL6v25dgbZSJsFw/CK tz7j+zbuMMUgCUkTDRYh+EoQuytSZjyh5Otoo7AcjzDg0YuwizIjISku3+PuWMhbu2vK qiXC5Og/wIxHu+x0ImnYTOBocSknAfO4fPpNOKfM7oBniWzAFZBhG0AvVaJmbmvCOFBV aqaw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=OedSJIYMLQHVmDnFSuI+esiD2JNGoXRYDhy0whkKztE=; b=Z5nYe5/TBtVt1ENFoCX+SmVSmUJoQJoJU3kGWorzxsUWQQ2uWGEaIU412QfMmmL6d6 IDSGgY5rHFoleisCE3rxVSV+4X/gl7XQymUXbqeHNo88aqnJUq0r8anDId2yOIGb9Gc2 dmmLSWz9b+b89OiBuOv2dnU0fjQPtSgCXnnK2QK5V/JVhhppCMR8uMIgyXmzZqZLc/RS bBln802NRu58tVasuzGFEvR2JRzMggIuDrsD5uqKD5bANkEL0lcbz8MQx34h6H4W6Vtx xVmf+rAsB2jWi+8XhVFea3ICCDfVfYQSCsYod5mi2KGLfJ1pZK3wY9b/PZ+jIDXxL66A NQBQ==
X-Gm-Message-State: AOAM532fCmgABJKBlc00U46FOSUa2hhoHAt01lgNbqHphS13AWBPkr+f 0jRyHkOYwPc6U7gy/JoxhEWy6GhjpPtXK1BDGu8=
X-Google-Smtp-Source: ABdhPJzzmDuoJ3ptHA7wNa8gfSY8Awh6MrQ5fYsJxF5X6h1ksSaqyo8u298/ca29rOOyF/5iRlbgD1jNJ/RWyaN/oW0=
X-Received: by 2002:a5d:8d89:: with SMTP id b9mr692504ioj.205.1640059979199; Mon, 20 Dec 2021 20:12:59 -0800 (PST)
MIME-Version: 1.0
References: <449C4B8E-982F-44A5-BB11-BC404EB2BD80@isc.org> <130C84BD-3123-4041-95FC-3DEA1E2F8DB2@icann.org>
In-Reply-To: <130C84BD-3123-4041-95FC-3DEA1E2F8DB2@icann.org>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Mon, 20 Dec 2021 23:12:48 -0500
Message-ID: <CAF4+nEHoM-5AXbJ2nbnCDS_ONq7w-18VmOjT2DrBBVn5wBe4PA@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: Mark Andrews <marka@isc.org>, dnsop WG <dnsop@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/JH0dEG5-w2Iv3EVZTs_HJwwSbtE>
Subject: Re: [DNSOP] [Ext] TKEY and MD5
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Dec 2021 04:13:07 -0000

On Mon, Dec 20, 2021 at 10:42 PM Paul Hoffman <paul.hoffman@icann.org> wrote:
> On Dec 20, 2021, at 6:57 PM, Mark Andrews <marka@isc.org> wrote:
> > Isn’t it about time we updated DH support in DNS to not use MD5?  Currently there is
> > no FIPS compatible DH key exchange in DNS.  I suspect it would be relatively straight
> > forward by defining a new TKEY mode which does DH w/o using MD5.
>
> If I read RFC 2930 correctly, there is no way to create new modes for TKEY. MD5 is baked into the TKEY RRtype, it seems. You would have to create a new RRtype which is similar to TKEY but has a different key exchange mechanism.

I don't know why you think this. Maybe I should write a draft adding a
new TKEY mode using DH and some less primitive crypto than MD5.
Presumably that exercise would provide some information about which of
us is correct :-)

Thanks,
Donald (author of RFC 2930)
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com

> ...and, at that point, you could just re-use any of the dozen or so key exchange mechanisms already standardized in the IETF. Said another way, if you try to put TKEYbis on standards track, it might get pecked to death because key exchange has come a long way in 30 years.
>
> Your note about that there is no FIPS-compliant way to do TSIG is correct. Having said that, its use of hashes in the key material relies on the preimage resistance of the hash, not the collision resistance. It still works fine, and is likely secure, it just just feels unclean.
>
> --Paul Hoffman_______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email