Message-ID: <a626139e-556f-8556-f37f-d9b9a3b3d4bd@isc.org>
Date: Fri, 26 Nov 2021 12:32:19 +0100
From: Petr Špaček <pspacek@isc.org>
To: Vladimír Čunát <vladimir.cunat+ietf@nic.cz>, dnsop@ietf.org
Subject: Re: [DNSOP] DNSOPI-D Action: draft-ietf-dnsop-nsec3-guidance-02.txt
In-Reply-To: <ab48df81-030a-2ff3-2ac9-228edbfd15d5@nic.cz>
References: <163777315136.16773.10633006296842101587@ietfa.amsl.com>
 <yblh7c1fpwf.fsf@w7.hardakers.net>
 <914ced6b-52c7-9354-4b91-87f80cd26037@pletterpet.nl>
 <6153c0ed-523a-5225-40ac-5be9fd5e6ed5@isc.org>
 <ab48df81-030a-2ff3-2ac9-228edbfd15d5@nic.cz>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/N-NBniVM0yRtQxn6Q8jQGiNeHM0>

On 26. 11. 21 11:49, Vladimír Čunát wrote:
> On 25/11/2021 13.00, Petr Špaček wrote:
>> IMHO in the context of NSEC3 the salt would make sense _only_ if it
>> were rotated faster than attacker was able to walk the zone. Once
>> attacker has list of hashes available for offline cracking the salt
>> does not do anything useful anymore.
>
> I disagree; you don't need to rotate so fast.  At a moment when a
> particular salt won't be contained in future answers, there's no point
> in creating a dictionary anymore as it's cheaper to crack the gathered
> hashes individually.  The only value of dictionary is (possibly)
> speeding up attacks on names that will appear in future - and the only
> value in re-salting is in making this technique more expensive.
> Resalting interval is the period when a particular dictionary is useful,
> so basically by halving the interval you double the price of this.  [all
> IMHO]

You are right, I did not consider the "crack names which do not exist
yet" scenario and focused only on dictionary reuse across zones.

Do you have specific proposals for draft text?


Also, when we are theorizing, we can also consider that resalting
thwarts simple correlation: after a resalt an attacker cannot tell if a set
of names has changed or not. With a constant salt an attacker can detect
new and removed names by their hash. (I'm not sure it is useful
information without cracking the hashes.)

-- 
Petr Špaček
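The two effects discussed in this exchange (a hash table built under one salt being worthless under the next one, and a constant salt letting an observer see which hashes appeared or vanished between two snapshots of the chain) can be made concrete with the RFC 5155 hash itself. The following is an added example written for this archive page; it is not code from the thread, from the draft, or from any of the participants' projects. The hash function follows RFC 5155 section 5 (SHA-1 over the canonical wire-format owner name plus salt, re-applied `iterations` times, base32hex-encoded). The zone names, the second salt and the helper names (`nsec3_chain`, `chain_diff`, `carried_over`) are constructed for illustration; only the `example.` / `aabbccdd` / 12-iteration vector is the one from RFC 5155 Appendix A.

```python
"""Added example: what an NSEC3 re-salt does to hashes an observer has already seen.

Hash algorithm per RFC 5155 section 5. Zone contents, salts and helper names
are constructed for this illustration (not from the original thread).
"""
import hashlib

# Constructed sample zone (hypothetical names, not from the original post).
SAMPLE_ZONE = ["example.", "a.example.", "ai.example.", "ns1.example.", "www.example."]

_B32HEX = "0123456789abcdefghijklmnopqrstuv"


def canonical_wire_name(name: str) -> bytes:
    """Owner name in canonical wire format: lowercase, length-prefixed labels, root label."""
    stripped = name.rstrip(".").lower()
    labels = stripped.split(".") if stripped else []
    out = b"".join(bytes([len(lb)]) + lb.encode("ascii") for lb in labels)
    return out + b"\x00"


def base32hex(data: bytes) -> str:
    """RFC 4648 base32hex without padding (a 20-byte SHA-1 digest is exactly 32 chars)."""
    nchars = (len(data) * 8 + 4) // 5
    bits = int.from_bytes(data, "big") << (nchars * 5 - len(data) * 8)
    return "".join(_B32HEX[(bits >> (5 * (nchars - 1 - i))) & 31] for i in range(nchars))


def nsec3_hash(name: str, salt: bytes, iterations: int) -> str:
    """RFC 5155 section 5: H(x) = SHA1(x || salt), applied iterations+1 times in total."""
    digest = hashlib.sha1(canonical_wire_name(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base32hex(digest)


def nsec3_chain(names, salt: bytes, iterations: int) -> set:
    """The set of hashed owner names an observer collects by walking the NSEC3 chain."""
    return {nsec3_hash(n, salt, iterations) for n in names}


def chain_diff(old_chain: set, new_chain: set):
    """Hashes that appeared and hashes that vanished between two snapshots of one zone."""
    return new_chain - old_chain, old_chain - new_chain


def carried_over(names, old_salt: bytes, new_salt: bytes, iterations: int) -> int:
    """How many hashes computed under old_salt still match anything published under new_salt."""
    return len(nsec3_chain(names, old_salt, iterations) & nsec3_chain(names, new_salt, iterations))


if __name__ == "__main__":
    salt_a, salt_b = bytes.fromhex("aabbccdd"), bytes.fromhex("01020304")
    # RFC 5155 Appendix A vector: "example." with salt aabbccdd and 12 iterations.
    print(nsec3_hash("example.", salt_a, 12))  # 0p9mhaveqvm6t7vbl5lop2u3t2rp3tom
    grown = SAMPLE_ZONE + ["new.example."]
    # Constant salt (0 iterations, as the guidance draft recommends): the only hash
    # that changed between snapshots is the one for the added name.
    print(chain_diff(nsec3_chain(SAMPLE_ZONE, salt_a, 0), nsec3_chain(grown, salt_a, 0)))
    # After a re-salt every hash changes, so the diff no longer singles out the new
    # name, and a table built under the old salt matches none of the new hashes.
    print(chain_diff(nsec3_chain(SAMPLE_ZONE, salt_a, 0), nsec3_chain(grown, salt_b, 0)))
    print(carried_over(SAMPLE_ZONE, salt_a, salt_b, 0))  # 0
```

Under a constant salt the symmetric difference of two chain snapshots is exactly the set of added and removed owner hashes, which is the correlation Petr describes; after a re-salt the difference is the whole chain and carries no per-name signal, and any hash-to-name mapping built under the old salt has zero overlap with the new chain, which is the dictionary-invalidation effect Vladimír describes.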

