ietf-openpgp

Re: Do we need to secure our keyservers against kind of DoS Attacks

2009-02-01 16:37:36
Hi Christoph--

I think the issue you're raising about secured access to keyservers is
important.

In addition to an active attacker modifying the communication, queries
to keyservers are also potentially information leaks -- anyone simply
observing the query knows something about who your contacts are.

On 01/31/2009 05:54 PM, Christoph Anton Mitterer wrote:
> Imagine that my ISP is evil, tracks my connections and always removes
> some revocation signatures when I get the data.
>
> Are there currently working means to prevent this?

Yes there are!  Back in November i set up nginx on
zimmermann.mayfirst.org (a member of the sks-keyservers pool) to provide
an HTTPS link to the keyserver.  Access to that keyserver can then be
done by running hkp over TLS.  While the OpenPGP tool i was using (gpg)
didn't seem to be able to handle such a TLS-wrapped link natively, i was
able to approximate it with a client-side proxy using socat:

  https://lists.riseup.net/www/arc/monkeysphere/2008-11/msg00046.html

Because TLS offers mutual authentication, message integrity, and
privacy, this can potentially defend against every kind of active attack
except for a full DoS (which an active attacker who can modify your
network traffic can execute no matter what anyway) (and could also be
used to limit queries to your keyserver to particular users, if you so
desired).

But wait, you say, I don't want to have to use X.509 certificates along
with TLS!  Well, i don't either.  RFC 5081 provides for TLS to use
OpenPGP certificates for either party in the communication.  This
removes the need for X.509, while retaining all the benefits of TLS.

So: Is this scheme fully implemented and easy-to-use yet?  No.  But the
pieces are there, and it's already been assembled piecemeal with
currently-available tools.  If you are interested, or manage to push it
further, i'd be very happy to hear about your progress.

hth,

        --dkg

Attachment: signature.asc
Description: OpenPGP digital signature
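
Added example, not part of the original message or of any project it mentions: a Python client that performs an HKP key lookup directly over TLS with certificate and hostname verification, instead of going through a local proxy. The `/pks/lookup` query form, port 443 and the function names are assumptions of this sketch.

```python
import re
import ssl
import urllib.parse
import urllib.request

ARMOR_HEADER = "-----BEGIN PGP PUBLIC KEY BLOCK-----"


def tls_context(cafile=None):
    """TLS client context that requires a valid certificate matching the hostname."""
    # cafile=None uses the system trust store; pass a PEM file to pin a private CA.
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Stated explicitly so a later edit cannot silently turn verification off.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def lookup_url(host, key_id, port=443):
    """Build an HKP 'get' request carried over HTTPS (query form is an assumption)."""
    if key_id[:2].lower() == "0x":
        key_id = key_id[2:]
    # Accept only short/long key IDs or a full v4 fingerprint, all hex.
    if not re.fullmatch(r"[0-9A-Fa-f]{8}|[0-9A-Fa-f]{16}|[0-9A-Fa-f]{40}", key_id):
        raise ValueError("key_id must be an 8, 16 or 40 digit hex value")
    query = urllib.parse.urlencode(
        {"op": "get", "options": "mr", "search": "0x" + key_id})
    return f"https://{host}:{port}/pks/lookup?{query}"


def fetch_key(host, key_id, cafile=None, timeout=30):
    """Fetch an armored key; any TLS failure raises, with no plaintext fallback."""
    url = lookup_url(host, key_id)
    with urllib.request.urlopen(url, context=tls_context(cafile),
                                timeout=timeout) as resp:
        armored = resp.read().decode("ascii", "replace")
    if ARMOR_HEADER not in armored:
        raise ValueError("response did not contain an armored public key block")
    return armored
```

TLS protects the query and the response in transit only; the returned key still has to be checked against a fingerprint obtained some other way.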