On Tue, Dec 11, 2018 at 11:34 AM Hector Martin via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote:
> I figured this presentation might be of interest to this list: > > > https://i.blackhat.com/eu-18/Thu-Dec-6/eu-18-Heftrig-Off-Path-Attacks-Against-PKI.pdf > > It seems they found 5 (unspecified) public CAs out of 17 tested were > vulnerable to this attack, which can be performed by an off-path attacker. > > The TL;DR is you can force fragmentation by spoofing ICMP fragmentation > needed packets, and then cause the DNS answer to be split into two > fragments, one with all the actual anti-spoofing relevant information > (TXID, UDP source port, etc), and one with the actual DNS answer data of > interest. Then all you have to do is guess the IPID and keep the UDP > checksum valid, both of which are practical, and you can spoof the > second fragment with whatever you want. > > Yet another reason to push for DNSSEC everywhere (and pervasive use of > CAA records to reduce attack surface). This is scary enough I think CAs > should be required to implement practical mitigations. > Is this new from the past discussion? https://groups.google.com/d/msg/mozilla.dev.security.policy/KvQc102ZTPw/iLQLKfbbAwAJ There's also other discussions, such as https://groups.google.com/d/msg/mozilla.dev.security.policy/ydxiw3S3gSw/Q0CpD8zlBQAJ , https://groups.google.com/d/msg/mozilla.dev.security.policy/84lxLwhaHPQ/KSsjk-JVAwAJ , https://groups.google.com/d/msg/mozilla.dev.security.policy/2teeVLJ44RM/Yqk5GHSpCQAJ I think we're at the stage where it's less about a call to abstract action, and actually requires specific steps being taken, by CAs, to explore and document solutions. Saying "push for DNSSEC" doesn't actually lead to objective threat analysis' and their mitigations. In this regard, Let's Encrypt seems to be the industry leader here - with respect to https://community.letsencrypt.org/t/validating-challenges-from-multiple-network-vantage-points/40955 and the aforementioned https://community.letsencrypt.org/t/mitigating-dns-fragmentation-attack/74838 If other CAs are taking steps in this direction, and have public documentation considering their analysis and design, that'd be extremely useful to the community. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy