Attacking networks using DHCP, DNS - probably kills DNSSEC

Simon Josefsson jas at extundo.com
Sun Jun 29 17:49:05 EDT 2003


Bill Stewart <bill.stewart at pobox.com> writes:

> At 11:15 PM 06/28/2003 -0400, Steven M. Bellovin wrote:
>>In message <5.1.1.6.2.20030628124252.033e5600 at idiom.com>, Bill Stewart writes:
>> >This looks like it has the ability to work around DNSSEC.
>> >Somebody trying to verify that they'd correctly reached yahoo.com
>> >would instead verify that they'd correctly reached
>> >yahoo.com.attackersdomain.com, which can provide all the signatures
>> >it needs to make this convincing.
>> >
>> >So if you're depending on DNSSEC to secure your IPSEC connection,
>> >do make sure your DNS server doesn't have a suffix of echelon.nsa.gov...
>>
>>No, that's just not true of DNSsec.  DNSsec doesn't depend on the
>>integrity of the connection to your DNS server;
>>rather, the RRsets are digitally signed.
>>In other words, it works a lot like certificates,
>>with a trust chain going back to a magic root key.
>
> I thought about that, and I think this is an exception,
> because this attack tricks your machine into using the
> trust chain yahoo.com.attackersdomain.com., which it controls,
> instead of the trust chain yahoo.com., which DNSSEC protects adequately.
> So you're getting a trustable answer to the wrong query.

No, I believe only one of the following situations can occur:

* Your laptop sees and uses the name "yahoo.com", and the DNS server
  translates it into yahoo.com.attackersdomain.com.  If your laptop
  knows the DNSSEC root key, the attacker cannot spoof yahoo.com since
  it doesn't know the yahoo.com key.  This attack is essentially a
  man-in-the-middle attack between you and your recursive DNS server.

* Your laptop sees and uses the name "yahoo.com.attackersdomain.com".
  You may be able to verify this using your DNSSEC root key, if the
  attackersdomain.com people have set up DNSSEC for their spoofed
  entries, but unless you are using bad software or judgment, you will
  not confuse this for the real "yahoo.com".

Of course, everything fails if you ALSO get your DNSSEC root key from
the DHCP server, but in this case you shouldn't expect to be secure.
I wouldn't be surprised if some people suggest pushing the DNSSEC root
key via DHCP though, because alas, getting the right key into the
laptop in the first place is a difficult problem.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
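
Added example, not part of the original message or of any resolver's code: a small model of the second situation above, where a DHCP-supplied search suffix makes the stub resolver ask for a different name, and the check that keeps a validly signed answer for that name from being taken as "yahoo.com". Assumptions: search-list ordering follows resolv.conf(5) `ndots` semantics, the `VALIDATED` table stands in for RRsets that already passed DNSSEC validation, and the address is a constructed documentation value.

```python
# Constructed data: RRsets assumed to have passed DNSSEC validation.
# The attacker can sign its own zone; the real yahoo.com. answer is
# withheld by the attacker-controlled recursive server.
VALIDATED = {"yahoo.com.attackersdomain.com.": "192.0.2.66"}


def candidates(name, search, ndots=1):
    """Query names a stub resolver tries, in order (resolv.conf(5) rules)."""
    if name.endswith("."):
        return [name]  # trailing dot: absolute name, search list not applied
    absolute = name + "."
    suffixed = [f"{name}.{s.rstrip('.')}." for s in search]
    if name.count(".") >= ndots:
        return [absolute] + suffixed  # try as typed first, then suffixes
    return suffixed + [absolute]


def resolve(name, search, validated, ndots=1):
    """Return (owner_name, address) for the first candidate that validates."""
    for qname in candidates(name, search, ndots):
        if qname in validated:
            return qname, validated[qname]
    return None


def accept(intended, owner):
    """Accept an answer only if its owner name is the intended absolute name."""
    want = intended if intended.endswith(".") else intended + "."
    return owner.lower() == want.lower()


if __name__ == "__main__":
    search = ["attackersdomain.com"]  # suffix pushed by the rogue DHCP server
    owner, addr = resolve("yahoo.com", search, VALIDATED)
    print("validated answer:", owner, addr)
    print("accepted as yahoo.com:", accept("yahoo.com", owner))
    print("absolute query:", resolve("yahoo.com.", search, VALIDATED))
```

The signature on the suffixed name is genuine, so the decision has to be made on the owner name of the validated RRset, not on the fact that validation succeeded.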


