Re: 'tsig-keygen' vs 'dnssec-keygen' - keysize
dnssec-keygen had -d which set the truncated bits in the .private file for HMACs. tsig-keygen could be extended to look for -bits with -a but yes I meant just edit the resulting algorithm name in the file.

Mark

> On 6 Sep 2018, at 4:49 pm, Browne, Stuart wrote:
>
>> -----Original Message-----
>> From: Evan Hunt [mailto:e...@isc.org]
>> Sent: Thursday, 6 September 2018 4:35 PM
>> To: Browne, Stuart
>> Cc: Mark Andrews; bind-users@lists.isc.org
>> Subject: Re: 'tsig-keygen' vs 'dnssec-keygen' - keysize
>>
>>> Is there no cryptographic difference between the short/long output?
>>
>> As I understand it (though I haven't studied this in a while and may be fuzzy), the HMAC algorithm shortens keys that are longer than the block size before it uses them, so it's true, long keys aren't necessary or particularly helpful.
>>
>>> Incidentally using bind-9.11 I was unable to use the truncation method you mentioned below (not that I really want to). Is it a 9.12 onwards thing?
>>
>> No, but Mark's comment may have been confusing. You can set up keys that way in named.conf ("algorithm hmac-md5-96;" or whatever). At first I thought he was talking about tsig-keygen; perhaps you read it the same way I did?
>>
>> --
>> Evan Hunt -- e...@isc.org
>> Internet Systems Consortium, Inc.
>
> Yes, I did read it the same way as you Evan.
>
> Thanks for the clarification on the HMAC usage.
>
> Stuart

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
RE: 'tsig-keygen' vs 'dnssec-keygen' - keysize
> -----Original Message-----
> From: Evan Hunt [mailto:e...@isc.org]
> Sent: Thursday, 6 September 2018 4:35 PM
> To: Browne, Stuart
> Cc: Mark Andrews; bind-users@lists.isc.org
> Subject: Re: 'tsig-keygen' vs 'dnssec-keygen' - keysize
>
>> Is there no cryptographic difference between the short/long output?
>
> As I understand it (though I haven't studied this in a while and may be fuzzy), the HMAC algorithm shortens keys that are longer than the block size before it uses them, so it's true, long keys aren't necessary or particularly helpful.
>
>> Incidentally using bind-9.11 I was unable to use the truncation method you mentioned below (not that I really want to). Is it a 9.12 onwards thing?
>
> No, but Mark's comment may have been confusing. You can set up keys that way in named.conf ("algorithm hmac-md5-96;" or whatever). At first I thought he was talking about tsig-keygen; perhaps you read it the same way I did?
>
> --
> Evan Hunt -- e...@isc.org
> Internet Systems Consortium, Inc.

Yes, I did read it the same way as you Evan.

Thanks for the clarification on the HMAC usage.

Stuart
Re: 'tsig-keygen' vs 'dnssec-keygen' - keysize
On Thu, Sep 06, 2018 at 04:28:23AM +, Browne, Stuart via bind-users wrote:

> Ok, then here goes me in my not-really-understanding HMAC properly.
>
> When using 'dnssec-keygen -a hmac-md5 -b 512 -n HOST some-name' (512 being the max keysize listed in 'dnssec-keygen -h'), we end up with an 88-byte string of secret data.
>
> When using 'tsig-keygen -a hmac-md5 some-name', we end up with a 24-byte string of secret data.
>
> Is there no cryptographic difference between the short/long output?

As I understand it (though I haven't studied this in a while and may be fuzzy), the HMAC algorithm shortens keys that are longer than the block size before it uses them, so it's true, long keys aren't necessary or particularly helpful.

> Incidentally using bind-9.11 I was unable to use the truncation method you mentioned below (not that I really want to). Is it a 9.12 onwards thing?

No, but Mark's comment may have been confusing. You can set up keys that way in named.conf ("algorithm hmac-md5-96;" or whatever). At first I thought he was talking about tsig-keygen; perhaps you read it the same way I did?

--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
RE: 'tsig-keygen' vs 'dnssec-keygen' - keysize
Ok, then here goes me in my not-really-understanding HMAC properly.

When using 'dnssec-keygen -a hmac-md5 -b 512 -n HOST some-name' (512 being the max keysize listed in 'dnssec-keygen -h'), we end up with an 88-byte string of secret data.

When using 'tsig-keygen -a hmac-md5 some-name', we end up with a 24-byte string of secret data.

Is there no cryptographic difference between the short/long output?

For the sha* types, the length of the secret material appears to be the same, but not for the md5. Sadly, I have some software that requires the use of hmac-md5's for tsigs that I cannot work around at this time.

Incidentally using bind-9.11 I was unable to use the truncation method you mentioned below (not that I really want to). Is it a 9.12 onwards thing?

Stuart

> -----Original Message-----
> From: Mark Andrews [mailto:ma...@isc.org]
> Sent: Wednesday, 5 September 2018 3:40 PM
> To: Browne, Stuart
> Cc: bind-users@lists.isc.org
> Subject: Re: 'tsig-keygen' vs 'dnssec-keygen' - keysize
>
>> On 5 Sep 2018, at 2:50 pm, Browne, Stuart via bind-users us...@lists.isc.org> wrote:
>>
>> Was adding in some new internal functionality and noted that the 'tsig-keygen' tool doesn’t give the ability to alter the keysize like dnssec-keygen does for generating HMAC based tsig keys.
>>
>> I also noticed that in 9.13, dnssec-keygen will no longer be able to generate HMAC tsig's, so I'm wondering if the ability to manipulate the tsig keysize will be implemented in tsig-keygen to maintain compatibility, or if there is some work-around I've not found to be able to set this.
>
> There is zero point in fiddling with the key sizes of hmacs. It has no impact on the size of the HMAC in the TSIG records. It has negligible impact on the size of named.conf, nor on the size of a database if we ever get around to storing tsig keys in a database, even with 100’s of millions of keys.
>
> tsig-keygen generates maximal sized shared keys for the given algorithm which provides the largest possible search space for a brute force attack.
>
> The hmac algorithm used impacts the size of the HMAC in the TSIG record. To generate truncated hmac append “-” e.g. -128 to the algorithm name.
>
> Mark
>
>> Stuart Browne
>> Neustar, Inc. / Sr Systems Admin
>> Level 8, 10 Queens Road, Melbourne, Australia VIC 3004
>> Office: +61.3.9866.3710
>> stuart.browne@team.neustar / home.neustar
>>
>> Follow Neustar: LinkedIn / Twitter
>>
>> Reduce your environmental footprint. Print only if necessary.
>>
>> The information contained in this email message is intended only for the use of the recipient(s) named above and may contain confidential and/or privileged information. If you are not the intended recipient you have received this email message in error and any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately and delete the original message.
Re: 'tsig-keygen' vs 'dnssec-keygen' - keysize
> On 5 Sep 2018, at 2:50 pm, Browne, Stuart via bind-users wrote:
>
> Was adding in some new internal functionality and noted that the 'tsig-keygen' tool doesn’t give the ability to alter the keysize like dnssec-keygen does for generating HMAC based tsig keys.
>
> I also noticed that in 9.13, dnssec-keygen will no longer be able to generate HMAC tsig's, so I'm wondering if the ability to manipulate the tsig keysize will be implemented in tsig-keygen to maintain compatibility, or if there is some work-around I've not found to be able to set this.

There is zero point in fiddling with the key sizes of hmacs. It has no impact on the size of the HMAC in the TSIG records. It has negligible impact on the size of named.conf, nor on the size of a database if we ever get around to storing tsig keys in a database, even with 100’s of millions of keys.

tsig-keygen generates maximal sized shared keys for the given algorithm which provides the largest possible search space for a brute force attack.

The hmac algorithm used impacts the size of the HMAC in the TSIG record. To generate truncated hmac append “-” e.g. -128 to the algorithm name.

Mark
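An added illustration of the two points made in this thread, Evan's (HMAC first replaces a key longer than the hash block size with its digest, so extra key length buys nothing) and Mark's (a "-<bits>" suffix such as hmac-md5-96 truncates the MAC in the TSIG record, not the key). This is a stand-alone Python model written for this page, not BIND code; the function names are assumed, and TSIG wire formatting is not modelled.

```python
import base64
import hashlib
import hmac
import os

# Hash constructors behind the TSIG HMAC algorithm names BIND accepts.
_HASHES = {"hmac-md5": hashlib.md5, "hmac-sha1": hashlib.sha1,
           "hmac-sha224": hashlib.sha224, "hmac-sha256": hashlib.sha256,
           "hmac-sha384": hashlib.sha384, "hmac-sha512": hashlib.sha512}

def parse_algorithm(name):
    """Split e.g. 'hmac-md5-96' into (hash constructor, MAC length in bytes).
    A bare name means the full digest. BIND accepts a '-<bits>' suffix only
    between the larger of 80 bits / half the digest and the full digest
    (RFC 4635 truncation rules); anything else is rejected."""
    name = name.lower()
    base, sep, bits = name.rpartition("-")
    if sep and bits.isdigit():
        h = _HASHES[base]
        full, nbytes = h().digest_size, int(bits) // 8
        if int(bits) % 8 or not max(10, full // 2) <= nbytes <= full:
            raise ValueError("unsupported truncation: " + name)
        return h, nbytes
    h = _HASHES[name]
    return h, h().digest_size

def generate_secret(algorithm):
    """Digest-sized random secret, base64 as it appears in named.conf; for
    hmac-md5 this is the 24-character string tsig-keygen produced above."""
    h, _ = parse_algorithm(algorithm)
    return base64.b64encode(os.urandom(h().digest_size)).decode()

def effective_key(algorithm, key):
    """The key HMAC (RFC 2104) really mixes in: one longer than the hash block
    size is first replaced by its digest, so extra length beyond that buys
    nothing. MD5's block is 64 bytes, so a 512-bit key is not shortened."""
    h, _ = parse_algorithm(algorithm)
    return h(key).digest() if len(key) > h().block_size else key

def tsig_mac(algorithm, secret_b64, data):
    """MAC over data with the suffix-driven truncation applied (MAC, not key)."""
    h, nbytes = parse_algorithm(algorithm)
    return hmac.new(base64.b64decode(secret_b64), data, h).digest()[:nbytes]

def mac_matches(algorithm, secret_b64, data, received_mac):
    """Constant-time comparison of a received (possibly truncated) MAC."""
    return hmac.compare_digest(tsig_mac(algorithm, secret_b64, data), received_mac)
```

Running `tsig_mac` with a 100-byte key and with that key's MD5 digest gives the same MAC, which is the equivalence Evan describes; the 96-bit variant is simply the first 12 bytes of the full MAC.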
'tsig-keygen' vs 'dnssec-keygen' - keysize
Was adding in some new internal functionality and noted that the 'tsig-keygen' tool doesn't give the ability to alter the keysize like dnssec-keygen does for generating HMAC based tsig keys.

I also noticed that in 9.13, dnssec-keygen will no longer be able to generate HMAC tsig's, so I'm wondering if the ability to manipulate the tsig keysize will be implemented in tsig-keygen to maintain compatibility, or if there is some work-around I've not found to be able to set this.

Stuart Browne