On Apr 2, 2014, at 12:06 PM, S Moonesamy <[email protected]> wrote:
> >> What does it matter from a security perspective? DNS messages are short
> >> lived. It's not like we are encrypting a novel to be kept secret for 100
> >> years. With zone signing keys lasting a month, 6 months, or so, and the
> >> ability to disallow them fairly quickly, what's the difference between this
> >> so-called 80 or 112 bit strength difference? Yes, I understand the doomsday
> >> scenario that someone might "guess" my private key and forge messages. But
> >> an attack is not as simple as forging messages, it takes the ability to
> >> inject them too. That can be done - but chaining all these things together
> >> just makes the attack that much less prevalent.
>
> For context, the discussion is about a ZSK. There is a theory that it would
> take under a year and several million (U.S.) dollars to break 1024 bits. It
> has been said (not on this mailing list) that an organization could do it
> within a shorter time. It's not a good idea to wait for the demonstration as
> it can raise concerns about the entity which chose the key.
>
> As a general comment I tried to find out which NIST recommendations are being
> discussed in respect to DNSSEC. The requirements mentioned by Joe Abley
> refer to NIST SP 800-78. That document is about "Cryptographic Algorithms
> and Key Sizes for Personal Identity Verification". Is that the NIST
> recommendation on which this discussion is based?
>

The only DNSSEC-related NIST SPs are 800-57 and 800-81-2. SP 800-57 is in 3 parts: part 1 covers general key considerations and part 3 covers specific uses like DNSSEC. It's showing its age though. The US Federal policy (now) is 2048-bit RSA for all uses; DNSSEC has a special exemption for 1024-bit ZSKs if desired (to reduce the risk of fragmented packets). I do know some .gov zones using 2048-bit KSKs and ZSKs, as local policies can call for stronger keys. By 2015, .gov/.mil zones should migrate to ECDSA. Not sure if that will happen given the track record, but that is the roadmap.
Scott

> Regards,
> S. Moonesamy
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop

===================================
Scott Rose
NIST
[email protected]
+1 301-975-8439
Google Voice: +1 571-249-3671
http://www.dnsops.gov/
===================================
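The fragmentation trade-off behind the 1024-bit ZSK exemption can be made concrete by estimating the wire size of a DNSKEY response for each key type. The following is an added example, not code from the thread or from NIST; it uses the RFC 4034 DNSKEY/RRSIG RDATA layouts and RFC 6605 ECDSA sizes, while the zone name, key sets and size limits are constructed for illustration.

```python
"""Estimate DNSKEY response sizes for RSA-1024, RSA-2048 and ECDSA P-256 keys
to show the fragmentation trade-off behind the 1024-bit ZSK exemption.
Added example, not from the thread: RDATA layouts follow RFC 4034 (DNSKEY,
RRSIG) and RFC 6605 (ECDSA); zone name, key sets and limits are constructed."""

# algorithm -> (signature bytes, public-key RDATA bytes).  An RSA public key is
# a 1-byte exponent length, the 3-byte exponent 65537 and the modulus.
KEY_SIZES = {
    "RSA-1024": (128, 1 + 3 + 128),
    "RSA-2048": (256, 1 + 3 + 256),
    "ECDSA-P256": (64, 64),
}
APEX_LEN = 13  # constructed zone "example.gov." in wire form: 1+7+1+3+1 bytes
def rr_size(owner_len: int, rdata_len: int) -> int:
    """One RR on the wire: owner name + TYPE + CLASS + TTL + RDLENGTH + RDATA."""
    return owner_len + 10 + rdata_len

def dnskey_rdata_len(alg: str) -> int:
    """RFC 4034 s.2.1: flags(2) + protocol(1) + algorithm(1) + public key."""
    return 4 + KEY_SIZES[alg][1]

def rrsig_rdata_len(alg: str, signer_len: int) -> int:
    """RFC 4034 s.3.1: 18 fixed bytes, the signer's name, then the signature."""
    return 18 + signer_len + KEY_SIZES[alg][0]

def dnskey_response_size(keys, signers, owner_len=APEX_LEN) -> int:
    """UDP payload of a DNSKEY response: 12-byte header, question, 11-byte OPT
    pseudo-RR, one DNSKEY per entry in `keys`, one RRSIG per key in `signers`."""
    size = 12 + (owner_len + 4) + 11
    size += sum(rr_size(owner_len, dnskey_rdata_len(k)) for k in keys)
    size += sum(rr_size(owner_len, rrsig_rdata_len(s, owner_len)) for s in signers)
    return size

def fragmentation_risk(size: int) -> str:
    """Compare with common UDP limits: 1232 is the widely used safe EDNS buffer
    size; 1472 is a 1500-byte Ethernet MTU minus IPv4 and UDP headers."""
    if size > 1472:
        return "fragments on Ethernet"
    if size > 1232:
        return "exceeds 1232-byte EDNS buffer"
    return "fits"

if __name__ == "__main__":
    # KSK plus two ZSKs, as seen mid-way through a pre-publish ZSK rollover;
    # the DNSKEY RRset is signed by the KSK and by the active ZSK.
    for label, keys in [("all RSA-2048", ["RSA-2048"] * 3),
                        ("RSA-2048 KSK, RSA-1024 ZSKs", ["RSA-2048", "RSA-1024", "RSA-1024"]),
                        ("all ECDSA-P256", ["ECDSA-P256"] * 3)]:
        n = dnskey_response_size(keys, keys[:2])
        print(f"{label:28s} {n:5d} bytes  {fragmentation_risk(n)}")
```

The all-RSA-2048 key set already exceeds a 1500-byte Ethernet MTU during a rollover, while the mixed 2048/1024 set and the ECDSA set stay well under the 1232-byte EDNS buffer, which is the packet-size argument the exemption rests on.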
