Re: [DNSOP] key lengths for DNSSEC
Tony Finch <dot@dotat.at> Fri, 04 April 2014 16:05 UTC
Date: Fri, 04 Apr 2014 17:05:17 +0100
From: Tony Finch <dot@dotat.at>
X-X-Sender: fanf2@hermes-1.csi.cam.ac.uk
To: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <195BD466-22EF-4EE6-9E43-D1051502AF36@hopcount.ca>
Message-ID: <alpine.LSU.2.00.1404041658580.31260@hermes-1.csi.cam.ac.uk>
References: <78F386B0-BC6B-4159-B9D4-4BFEB10252A6@rfc1035.com> <16A7DDD8-AB8E-458F-B031-80E5141CAE5A@nominum.com> <195BD466-22EF-4EE6-9E43-D1051502AF36@hopcount.ca>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/fe49Tozu0CU52r4tMRCBYO3Gl-M
Cc: IETF DNSOP WG <dnsop@ietf.org>
Subject: Re: [DNSOP] key lengths for DNSSEC
Joe Abley <jabley@hopcount.ca> wrote:

> I'm trying to understand the time-based attack, but I'm not seeing it.

I think a plausible form of this attack involves DNSSEC validation at the edge.

(1) DoS your victim, to force them into trouble-shooting mode. Hopefully they will reboot, at which point you can lie to them about the time, and they will probably believe you.

(2) You have compromised a key that was valid at the point in time which your victim now believes is current. The signature chain from the root to your compromised key works. You have a sample of other records from the same time so you can maybe make other stuff seem to work.

(3) Go wild signing attack records with your compromised key and sending them in responses to your victim.

Tony.
--
f.anthony.n.finch <dot@dotat.at> http://dotat.at/
Trafalgar: Westerly or southwesterly 4 or 5, occasionally 6 in north. Rough becoming moderate. Rain or showers, mainly in north. Good, occasionally poor in north.
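The scenario above turns on the validator trusting a clock it obtained after reboot. An added example, not part of this message or of any resolver's code: a minimal RRSIG validity-window check in the style of RFC 4034 section 3.1.5 (serial-number comparison of inception and expiration against "now"), combined with a clock floor that a validating resolver could bake in at build or deploy time. If the system clock reads earlier than that floor, validation is refused regardless of the window, which means a signature from a key that was only valid in the past cannot be revived by rolling the victim's clock back. The constant BUILD_TIME_FLOOR and the 2013/2014 timestamps are constructed for the example.

```python
"""Added example: RRSIG validity-window check plus a clock sanity floor.

Not code from the DNSOP thread or from any resolver; the floor value and the
sample timestamps are constructed for illustration.
"""
from datetime import datetime, timezone

SERIAL_BITS = 32
SERIAL_HALF = 1 << (SERIAL_BITS - 1)

# Hypothetical build-time floor: a resolver built on 2014-01-01 knows the
# real time cannot be earlier than that, so a clock reading 2013 is untrusted.
BUILD_TIME_FLOOR = "20140101000000"


def parse_rrsig_time(field: str) -> int:
    """RFC 4034 3.1.5: inception/expiration are either YYYYMMDDHHmmSS in UTC
    (exactly 14 digits) or a bare unsigned decimal seconds-since-epoch value."""
    if len(field) == 14 and field.isdigit():
        dt = datetime.strptime(field, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
        return int(dt.timestamp())
    return int(field)


def serial_ge(a: int, b: int) -> bool:
    """a >= b under RFC 1982 serial-number arithmetic on 32-bit values."""
    a &= 0xFFFFFFFF
    b &= 0xFFFFFFFF
    if a == b:
        return True
    return (a < b and b - a > SERIAL_HALF) or (a > b and a - b < SERIAL_HALF)


def check_signature_window(inception: str, expiration: str, now: int,
                           clock_floor: str = BUILD_TIME_FLOOR) -> str:
    """Return 'ok' if the signature is temporally valid, otherwise a reason.

    The clock-floor test runs first: a 'now' earlier than the floor is a sign
    the local clock has been set (or fed) wrongly, so no window check can be
    trusted and validation fails closed."""
    if now < parse_rrsig_time(clock_floor):
        return "clock-untrusted"
    inc = parse_rrsig_time(inception)
    exp = parse_rrsig_time(expiration)
    if not serial_ge(now, inc):
        return "not-yet-valid"
    if not serial_ge(exp, now):
        return "expired"
    return "ok"


if __name__ == "__main__":
    # Constructed sample: a signature from a key whose window lay in January 2013.
    inc, exp = "20130101000000", "20130201000000"
    rolled_back = parse_rrsig_time("20130115000000")   # victim's clock after a bad time source
    genuine_now = parse_rrsig_time("20140404000000")   # the real date
    print("rolled-back clock:", check_signature_window(inc, exp, rolled_back))  # clock-untrusted
    print("genuine clock:   ", check_signature_window(inc, exp, genuine_now))   # expired
```

Without the floor the rolled-back clock sits inside the old window and the check returns "ok", which is exactly the condition step (2) above relies on; with the floor the same inputs fail closed. A floor is a coarse control (it cannot catch a clock rolled back to a date still later than the build), so it complements, rather than replaces, authenticated time sources.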