Re: XQID (Re: Forgery Resistance phase #2 )

bert hubert <bert.hubert@netherlabs.nl> Wed, 30 July 2008 20:21 UTC

Date: Wed, 30 Jul 2008 22:13:06 +0200
From: bert hubert <bert.hubert@netherlabs.nl>
To: Jelte Jansen <jelte@NLnetLabs.nl>
Cc: Paul Vixie <vixie@isc.org>, namedroppers@ops.ietf.org
Subject: Re: XQID (Re: Forgery Resistance phase #2 )

On Wed, Jul 30, 2008 at 09:28:35PM +0200, Jelte Jansen wrote:

> 1. Do all recursive servers even have access to enough entropy? This
> might not be a problem at all, or extra entropy could be arranged for
> busy ones, but it might be worth thinking about in advance. For that

I discussed this with Amit Klein, who I think can rightfully claim to be an
expert on DNS randomness, and he doesn't think it is a problem.

He suggests using a block or stream cipher based pseudo-random generator,
seeded using 'real random'.

Even if all excreted pseudo-random is observed from that point onward,
reverse engineering the state of the pseudo-random generator is equivalent
to breaking the cipher it uses, based on an unknown plaintext (the truly
random seed that is being encrypted over and over).

Amit does suggest rekeying every once in a while since AES performed by
software on known hardware leaks a tiny bit of information in the time it
takes to encrypt a block.

This last technique was discovered by Dan J. Bernstein btw.

Odd that :-)

	Bert

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services
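
The generator described in the message above, sketched as an added example (not code from the message, from Amit Klein, or from PowerDNS). It assumes ChaCha20 (RFC 8439) as the stream cipher, substituted for AES because Python's standard library ships no AES; the class name `RekeyingGenerator`, the 16-bit output width and the `rekey_blocks` interval are illustrative assumptions.

```python
import os
import struct

MASK = 0xFFFFFFFF

def _rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & MASK

def _qr(s, a, b, c, d):
    # ChaCha quarter round: four add / xor / rotate steps on state words a, b, c, d.
    for x, y, z, r in ((a, b, d, 16), (c, d, b, 12), (a, b, d, 8), (c, d, b, 7)):
        s[x] = (s[x] + s[y]) & MASK
        s[z] = _rotl(s[z] ^ s[x], r)

def chacha20_block(key, counter, nonce):
    """RFC 8439 block function: 32-byte key, 32-bit counter, 12-byte nonce -> 64 bytes."""
    init = list(struct.unpack(
        "<16I", b"expand 32-byte k" + key + struct.pack("<I", counter) + nonce))
    s = init[:]
    for _ in range(10):  # 10 double rounds = 20 rounds
        _qr(s, 0, 4, 8, 12); _qr(s, 1, 5, 9, 13)
        _qr(s, 2, 6, 10, 14); _qr(s, 3, 7, 11, 15)
        _qr(s, 0, 5, 10, 15); _qr(s, 1, 6, 11, 12)
        _qr(s, 2, 7, 8, 13); _qr(s, 3, 4, 9, 14)
    return struct.pack("<16I", *((x + y) & MASK for x, y in zip(s, init)))

class RekeyingGenerator:
    """Keystream-based PRNG seeded from the OS and rekeyed every rekey_blocks blocks."""

    def __init__(self, seed=None, rekey_blocks=1024):
        self.rekey_blocks = rekey_blocks
        self.rekeys = -1
        self._rekey(seed)

    def _rekey(self, seed=None):
        # 'Real random' seed: 32-byte key + 12-byte nonce from the OS entropy pool.
        # A fixed seed is accepted only so the output can be reproduced in tests.
        material = os.urandom(44) if seed is None else seed
        self.key, self.nonce = material[:32], material[32:44]
        self.counter, self.buf = 0, b""
        self.rekeys += 1

    def next_u16(self):
        """Return the next 16-bit value, e.g. for a DNS query ID or source port choice."""
        if len(self.buf) < 2:
            if self.counter >= self.rekey_blocks:
                self._rekey()  # periodic rekey bounds what any one key can leak
            self.buf = chacha20_block(self.key, self.counter, self.nonce)
            self.counter += 1
        value, self.buf = int.from_bytes(self.buf[:2], "big"), self.buf[2:]
        return value
```

A deployment would take the cipher from a vetted cryptographic library rather than this pure-Python block function; the part that carries over is the structure of OS-seeded keystream plus a bounded key lifetime.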
