Re: [DNSOP] key lengths for DNSSEC

Tony Finch <dot@dotat.at> Fri, 04 April 2014 16:05 UTC

Date: Fri, 04 Apr 2014 17:05:17 +0100
From: Tony Finch <dot@dotat.at>
To: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <195BD466-22EF-4EE6-9E43-D1051502AF36@hopcount.ca>
Message-ID: <alpine.LSU.2.00.1404041658580.31260@hermes-1.csi.cam.ac.uk>
References: <78F386B0-BC6B-4159-B9D4-4BFEB10252A6@rfc1035.com> <16A7DDD8-AB8E-458F-B031-80E5141CAE5A@nominum.com> <195BD466-22EF-4EE6-9E43-D1051502AF36@hopcount.ca>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/fe49Tozu0CU52r4tMRCBYO3Gl-M
Cc: IETF DNSOP WG <dnsop@ietf.org>
Subject: Re: [DNSOP] key lengths for DNSSEC

Joe Abley <jabley@hopcount.ca> wrote:

> I'm trying to understand the time-based attack, but I'm not seeing it.

I think a plausible form of this attack involves DNSSEC validation at
the edge.

(1) DoS your victim, to force them into trouble-shooting mode. Hopefully
they will reboot, at which point you can lie to them about the time, and
they will probably believe you.

(2) You have compromised a key that was valid at the point in time which
your victim now believes is current. The signature chain from the root to
your compromised key works. You have a sample of other records from the
same time so you can maybe make other stuff seem to work.

(3) Go wild signing attack records with your compromised key and sending
them in responses to your victim.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Trafalgar: Westerly or southwesterly 4 or 5, occasionally 6 in north. Rough
becoming moderate. Rain or showers, mainly in north. Good, occasionally poor
in north.
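The three-step clock-rollback attack described in the message above, as an added simulation that is not code from the original post or from any validator. It reduces a validation path to its RRSIG validity windows (real signature checking, DS matching and key lookup are abstracted away) and compares those windows against the validator's clock using the RFC 1982 serial-number arithmetic that RFC 4034 requires. Step (1), lying to the victim about the time, is modelled only as the `victim_clock` argument; the zone names, key tags and timestamps are constructed for the example. The `floor` parameter is an assumed hardening, not something the post proposes: a validator that remembers the latest time it has already validated against (or its build time) and refuses to validate when its clock is earlier than that.

```python
"""Clock-rollback attack on an edge DNSSEC validator, reduced to RRSIG time windows.

Added example, not code from the original post or any real validator. Names,
key tags and timestamps are constructed; `floor` is an assumed hardening.
"""
from dataclasses import dataclass
from typing import Optional, Sequence

U32 = 1 << 32
HALF = 1 << 31
DAY = 86400


def serial_gt(a: int, b: int) -> bool:
    """RFC 1982 serial number arithmetic on 32-bit values: is a "greater than" b?
    RFC 4034 s3.1.5 requires RRSIG inception/expiration to be compared this way,
    which is what lets the 32-bit timestamps keep working across the 2038 wrap."""
    a, b = a % U32, b % U32
    return (a < b and b - a > HALF) or (a > b and a - b < HALF)


def serial_ge(a: int, b: int) -> bool:
    return a % U32 == b % U32 or serial_gt(a, b)


def serial_le(a: int, b: int) -> bool:
    return a % U32 == b % U32 or serial_gt(b, a)


@dataclass(frozen=True)
class Link:
    """One RRSIG on the path from trust anchor to answer, reduced to what matters here."""
    owner: str
    signer_key_tag: int
    inception: int    # RRSIG Signature Inception, seconds since epoch, 32-bit
    expiration: int   # RRSIG Signature Expiration


def rrsig_window_ok(link: Link, now: int) -> bool:
    """RFC 4035 s5.3.1: inception <= now <= expiration, in serial arithmetic."""
    return serial_ge(now, link.inception) and serial_le(now, link.expiration)


def validate_chain(chain: Sequence[Link], now: int, floor: Optional[int] = None) -> str:
    """Return "secure", "bogus" or "clock-suspect".

    `floor` (assumed hardening, not from the post) is the latest time this validator
    has already validated against, kept in its own storage; a clock earlier than that
    can only mean a rollback, so refuse to validate anything rather than trust it."""
    if floor is not None and now < floor:
        return "clock-suspect"
    return "secure" if all(rrsig_window_ok(link, now) for link in chain) else "bogus"


# Constructed timeline: the attacker stole "example."'s ZSK around T_COMPROMISE;
# by T_NOW (180 days later) that key has been rolled and every RRSIG from then has expired.
T_COMPROMISE = 1_380_000_000
T_NOW = T_COMPROMISE + 180 * DAY
COMPROMISED_KEY_TAG = 43210  # constructed, not a real key tag

# Step (2): the chain the attacker captured while the stolen key was still valid:
# root DNSKEY RRset signed by the anchored root key, DS for "example." signed by the
# root ZSK, "example." DNSKEY RRset signed by its KSK. All windows were open at
# T_COMPROMISE and are closed at T_NOW.
OLD_CHAIN = [
    Link(".", 11111, T_COMPROMISE - 10 * DAY, T_COMPROMISE + 11 * DAY),
    Link("example.", 22222, T_COMPROMISE - 7 * DAY, T_COMPROMISE + 14 * DAY),
    Link("example.", 33333, T_COMPROMISE - 3 * DAY, T_COMPROMISE + 13 * DAY),
]


def forge(owner: str, victim_clock: int) -> Link:
    """Step (3): sign an arbitrary RRset with the stolen key, choosing a validity
    window that contains the victim's (false) idea of the current time."""
    return Link(owner, COMPROMISED_KEY_TAG, victim_clock - DAY, victim_clock + 7 * DAY)


def run_attack(victim_clock: int, floor: Optional[int] = None) -> str:
    """Replay the captured chain plus a freshly forged answer at the victim's clock."""
    return validate_chain(OLD_CHAIN + [forge("www.example.", victim_clock)], victim_clock, floor)


def demo() -> dict:
    return {
        # honest clock: the captured chain is expired, so the forged answer is bogus
        "honest_clock": run_attack(T_NOW),
        # step (1) succeeded: the victim believes it is T_COMPROMISE again
        "rolled_back": run_attack(T_COMPROMISE),
        # same rollback against a validator that remembers a recent validated time
        "rolled_back_with_floor": run_attack(T_COMPROMISE, floor=T_NOW - 30 * DAY),
    }


if __name__ == "__main__":
    for scenario, verdict in demo().items():
        print(f"{scenario:24s} {verdict}")
```

Nothing in the expired chain is cryptographically wrong, which is the point of the attack: every signature in it verifies, and the only thing standing between the victim and the forged answer is its belief about what time it is. That is why the floor check has to be a property of the validator's own persisted state rather than anything carried in the DNS.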