ietf
[Top] [All Lists]

Re: DNSSEC is NOT secure end to end

2009-06-02 10:12:04


Masataka Ohta wrote:

Christian Huitema wrote:


That is, security of DNSSEC involves third parties and is not end
to end.


That is indeed correct. An attacker can build a fake hierarchy of
"secure DNS" assertions and try to get it accepted. The attack can
succeed with the complicity of one of the authorities in the
hierarchy. It is a classic "attack by a trusted party".


Yes, the hierarchy has hops.

For my domain: "necom830.hpcl.titech.ac.jp", hierarechy of zones
have hops of ".", "jp", "ac.jp", "titech.ac.jp" and
"hpcl.titech.ac.jp". The authority hops are IANA, JPNIC, my
university, and my lab. Though you may have direct relationship
with IANA, JPNIC is the third party for both you and me.


This is exactly like a chain of PKI CA's (replacing the path from bottom to top of zone hierarchy):

For my [end-user administrative units], [chain of CA's] have hops of [CA run by IANA], [CA run by JPNIC], [CA run by my university], and [CA run by my lab].

I don't know what is meant by a direct relationship with IANA.


If an intermediate authority has
been compromised, it can just as well insert a fake NS record --
that's not harder than a fake record signature.


So, with a compromised hop of an intermediate authority, record
signature on the faked next hop key can be generated.


Exactly the same with a compromised intermediate CA.

Then, with a private key corresponding to the faked next hop key,
record signature on the faked second next hop key can be generated.


Exactly the same with a private key corresponding to the next intermediate CA along the chain (i.e. the one certified by the compromised CA).

Then, with a private key corresponding to the faked second next
hop key, record signature on the faked third next hop key can be
generated.


Same thing.

Yes, security of DNSSEC is totally hop by hop.


Thus, you imply a definition of hop by hop along digital signature relationships. Indeed, DNSSEC security is limited to the weakest link along the chain from the bottom to the top of the DNS hierarchy. Nothing new there. I don't think any DNSSEC expert ever claimed differently.

Regards,

- Thierry Moreau

                                                        Masataka Ohta


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf