Both of Ohta-san's points are entirely valid. 

On Ohta-san's first point: DJB is convinced that 1024-bit RSA is
crackable with a botnet. And if 1024 isn't crackable now, it probably
will be shortly. So it is probably possible or soon will be possible to
crack keys and then forge many DNSSEC signatures, given enough
determination.  Using larger (2048-bit) signatures creates more work to
verify signatures, and larger responses. [Note: increasing key size has
a corresponding impact on the crypto-overload DOS attack that I
(Anderson) previously described, and also makes worse the forged query
DDOS attack that I described.]

On Ohta-san's second point: If the zone is compromised, (which means the
attacker has obtained the private key), then the attacker can construct
new signatures at will, and being a MitM, can inject these responses at
will, also.  The response that one gets (or seems to get) from a cache
or authority server is not necessarily the response from an authority
server.  This can result in a number of problems for DNSSEC, and it is
the common factor in several different attacks described by Ohta-san and
myself.

                --Dean
On Thu, 21 Aug 2008, David Conrad wrote:

> *plonk*
> 
> On Aug 21, 2008, at 3:50 PM, Masataka Ohta wrote:
> > Paul Wouters wrote:
> >
> >>> Instead, MitM attack on DNSSEC is performed, for example, within
> >>> intermediate zones with forged signature on child zone with forged
> >>> end-users data.
> >
> >> Oh I see. DNSSEC is broken because we cannot trust RSA, DSA, SHA256,
> >> Diffie-Hellman, and perhaps elliptic curve....
> >
> > That is certainly a valid argument.
> >
> > However, it has nothing to do with the MitM case above because
> > forged signature from a compromised zone is cryptographically valid.
> >
> >                                             Masataka Ohta
> >
> >
> > _______________________________________________
> > DNSOP mailing list
> > DNSOP@ietf.org
> > https://www.ietf.org/mailman/listinfo/dnsop
> >

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   
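The two points argued above (larger keys mean larger RRSIGs and more verification work; a signature made with a compromised zone key is cryptographically indistinguishable from a legitimate one) can be checked directly. The following Go program is an added example, not code from any thread participant. It models an RRset as a constructed byte string rather than real DNS wire format, uses RSA PKCS#1 v1.5 with SHA-256 (the scheme DNSSEC's RSASHA256 algorithm uses), and all function names are assumptions for this example. The defender-side lesson is that a validating resolver only checks the math against the published DNSKEY, so detecting key compromise has to come from key management (rollover, HSMs, monitoring for unexpected RRSIGs), not from validation itself.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"time"
)

// rrsetBytes stands in for the canonical form of an RRset that an RRSIG
// covers. Constructed sample data for this example, not real DNS wire format.
func rrsetBytes(owner, address string) []byte {
	return []byte(owner + " 3600 IN A " + address)
}

// signRRset produces an RSA/SHA-256 PKCS#1 v1.5 signature over the digest of
// rrset, the construction behind DNSSEC's RSASHA256 algorithm.
func signRRset(key *rsa.PrivateKey, rrset []byte) ([]byte, error) {
	digest := sha256.Sum256(rrset)
	return rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
}

// verifyRRset reports whether sig is a valid signature over rrset under pub.
// This is all a validating resolver can check: the math, not who ran it.
func verifyRRset(pub *rsa.PublicKey, rrset, sig []byte) bool {
	digest := sha256.Sum256(rrset)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// SigSizeForKeyBits returns the RRSIG signature length for a key of the given
// size. An RSA signature is exactly the modulus size, so each signature in a
// response grows from 128 to 256 bytes when a zone moves from 1024- to
// 2048-bit keys.
func SigSizeForKeyBits(bits int) (int, error) {
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return 0, err
	}
	sig, err := signRRset(key, rrsetBytes("www.example.", "192.0.2.1"))
	if err != nil {
		return 0, err
	}
	return len(sig), nil
}

// ForgeryOutcome models the compromised-zone case. It returns whether a forged
// RRset validates when signed (a) with a key the attacker made up and (b) with
// the zone's own private key, which the attacker is assumed to have obtained.
func ForgeryOutcome(bits int) (bool, bool, error) {
	zoneKey, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return false, false, err
	}
	attackerKey, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return false, false, err
	}
	// Forged answer pointing at a constructed TEST-NET-3 address.
	forged := rrsetBytes("www.example.", "203.0.113.66")
	sigOwnKey, err := signRRset(attackerKey, forged)
	if err != nil {
		return false, false, err
	}
	sigStolenKey, err := signRRset(zoneKey, forged)
	if err != nil {
		return false, false, err
	}
	// The resolver validates both against the zone's published DNSKEY.
	ownKeyValidates := verifyRRset(&zoneKey.PublicKey, forged, sigOwnKey)
	stolenKeyValidates := verifyRRset(&zoneKey.PublicKey, forged, sigStolenKey)
	return ownKeyValidates, stolenKeyValidates, nil
}

func main() {
	// Signature size and per-verification cost at both key sizes.
	for _, bits := range []int{1024, 2048} {
		key, _ := rsa.GenerateKey(rand.Reader, bits)
		rrset := rrsetBytes("www.example.", "192.0.2.1")
		sig, _ := signRRset(key, rrset)
		start := time.Now()
		for i := 0; i < 2000; i++ {
			verifyRRset(&key.PublicKey, rrset, sig)
		}
		fmt.Printf("%d-bit key: RRSIG %d bytes, ~%v per verification\n",
			bits, len(sig), time.Since(start)/2000)
	}
	own, stolen, _ := ForgeryOutcome(1024)
	fmt.Printf("forged RRset signed with attacker's own key validates: %v\n", own)
	fmt.Printf("forged RRset signed with the zone's stolen key validates: %v\n", stolen)
}
```

Run it with `go run .`; the first block reports 128- versus 256-byte signatures and the measured verification time, and the last two lines show the point Ohta-san made: the forgery signed with a key the attacker invented fails, while the one signed with the stolen zone key validates, and nothing in the validation path distinguishes it from a legitimate answer.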