andreas steffen, 22.10.2013, 5-dnssec.pptx 1 information security 1 (infsi1) prof. dr. andreas...
TRANSCRIPT
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 1
Information Security 1 (InfSi1)
Prof. Dr. Andreas Steffen
Institute for Internet Technologies and Applications (ITA)
5 DNS Security Extensions
DNSSEC
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 2
Information Security 1 (InfSi1)
5.1 Kaminsky Attack onthe Domain Name
Service
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 3
DNS Resolution via Recursive Nameserver
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 4
DNS Request
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 5
DNS Response
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 6
Simple DNS Cache Poisoning
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 7
Guessing Query ID and UDP Source Port
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 8
The Dan Kaminsky DNS Vulnerability – July 2008
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 9
Information Security 1 (InfSi1)
5.2 DNS Root Servers
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 10
DNS Root Servers
A VeriSign Inc.
B
C
D
E
F
G
H
I
J
K
L
M
Information Sciences Institute, USC
OperatorIPv4
198.41.0.4
192.228.79.201
192.33.4.12
199.7.91.13
192.203.230.10
192.5.5.241
192.112.36.4
128.63.3.53
192.36.148.17
192.58.128.30
193.0.14.129
199.7.83.42
202.12.27.33
IPv6
2001:503:BA3E::2:30
#
2001:478:65::53
-
2001:500:2D::D
-
2001:500:2F::F
-
2001:500:1::803F:235
2001:7FE::53
2001:503:C27::2:30
2001:7FD::1
2001:500:3::42
2001:DC3::35
Cogent Communications
8
1
8
University of Maryland 2
NASA Ames Research Center 12
Internet Systems Consortium Inc. 56
US DoD Network Information Center6
US Army Research Lab 2
Netnod 43
VeriSign Inc. 69
RIPE NCC 17
ICANN 146
WIDE Project 6
376Total number of servers:
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 11
Global Map of Root Servers
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 12
Information Security 1 (InfSi1)
5.3 DNS SecurityResource Records
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 13
root DNSKEY (KSK)*
* explicit import e.g. via trusted web site
ch. DNSKEY (KSK)
ZSK
ch. DS
DNSSEC Chain of Trust
root
KSK/ZSK
ch. DNSKEY (ZSK)
ZSK
switch.ch. DS switch.ch. DNSKEY (KSK)
KSK/ZSK
switch.ch. DNSKEY (ZSK)
ch. switch.ch.
www.switch.ch. A x.x.x.x
ZSK
switch.ch. NS ns1/ns2
ZSK
KSK/ZSK
root DNSKEY (ZSK)
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 14
DNSSEC Resource Records I - DNSKEY
• DNSKEY - DNS Public Key• Contains a public key used to sign the RRsets of a zone
switch.ch. 81154 IN DNSKEY 256 3 5 AwEAAeCDWwjJO4mXBzayiKf4p7waJ7Ew eUnsTsAWkxpfELci4iaVdBugzYPfsZIg 9R6TIPky3LoPAPmIjCc2fbFkKnrGI7hJ jXAGMRwRJIBprFx4BXZSsjsvGb6MGC+e xHSlXw== ;{id = 64608 (zsk), size = 768b}
• Flags field• 256 -> Zone Signing Key (ZSK)• 257 -> Key Signing Key (KSK) with secure entry point (SEP)
flag set
• Algorithm field• 5 -> SHA-1 with RSA• 7 -> SHA-1 with RSA & NSEC3 with SHA-1• 8 -> SHA-256 with RSA• 10 -> SHA-512 with RSA
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 15
DNSSEC Resource Records II - RRSIG
• RRSIG - Resource Record Signature• Contains a public key signature over a resource record set
(RRset)
merapi.switch.ch. 172800 IN A 130.59.211.10
merapi.switch.ch. 172800 IN RRSIG A 5 3 172800 20091128231033 20091029231033 64608 switch.ch.
3KW9YjxdL08FqVYKFSn9 Q4+8U1iYrVCun+J1Ny8Y IiMC+6oQS/GZwRn2mr+H MruwEjNB9s7bWGzRmRiR TATPvS67gxjCiJkSP58P kGJ1dW3wBaz6r1feGNvz KhHLhvRe ;{id = 64608}
• Signature Expiration and Inception Fields• The signature is not valid before Inception and after
Expiration date.
• Key Tag Field• Contains the key tag of the key which signed the RRset.
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 16
DNSSEC Resource Records III - DS
• DS - Delegation Signer• Signed hash computed over KSK of child zone
switch.ch. 3364 IN DS 43837 5 1 91dcfca519cf8b038441869878cc3610 60200534 switch.ch. 3364 IN DS 43837 5 2 838cef7635952df83311a92b48ae7f19 1ae29484534e38b1ab7b3d0966b9ee55
switch.ch. 3416 IN RRSIG DS 7 2 3600 20091123183442 20091117220724 31034 ch. LPh8RgXQSqPcdQz6s1PJOjTuopO9RxQg s1YYCY/CnhYaHxb6ndNBJ7QP20eKN+91 /ULjN4Ep/k9Pgtos979i5OfEXpfLcWcv rKP1xGvqW4PjP+MT1PDs6uKisEUqGBoQ p7+nkkzjY+YsDbxtTV+/8uHcSnNmXoMm SqPms3G0aw4= ;{id = 31034}
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 17
DNSSEC Resource Records IV - NSEC
• NSEC – Next Owner Name• Authenticated denial of existence of an owner name
merapi.switch.ch. 180 IN NSEC mercury.switch.ch. A PTR AAAA LOC RRSIG NSEC
merapi.switch.ch. 180 IN RRSIG NSEC 5 3 180 20091128231033 20091029231033 64608 switch.ch. kW1SnXWoJKwOHEG1P3INI83EOGuQ GujwvBT/MSWVQ+ms/2DXxjQcpt1Z P07+XI51cc0t7erUUG31KZdmUpXZ tQzPUJh49jjLh9aTjRiH1xGhlxv5 af+N95JDykRGSOAq ;{id = 64608}
• Proof that there is no name between merapi.switch.ch. and mercury.switch.ch.
• Allows enumeration of complete zone data!!!
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 18
DNSSEC Resource Records V - NSEC3
• NSEC3 – Next Owner Name in Hashed Order• Hashed Authenticated Denial of Existence
h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 691 IN NSEC3 1 1 1 d399eaabh9rsfb7fpf2l8hg35cmpc765tdk23rp6 NS SOA RRSIG DNSKEY NSEC3PARAM ; flags: optout
h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 691 IN RRSIG NSEC3 7 2 86400 20091202211702 20091118201702 5273 org. a+CC37hRM7yCFBaZn2SeRgY9h247GXptCuBYf45TwaoR xvBwTAXPT+UwZ/4hxwc2v7AR7ZZ8UOMiNJvYsl59eFW8 Xtgws4/Aih0fJ2/O8yUHwI695fRf9PrpxXEpqzStjSZP 5arJ1oldDAHcnxgLqdAMW6wnK1FNrslfJblJlmU= ;{id = 5273}
• Proof that there is no name between org. and ???.org.• Does not allow straight enumeration of zone data!• Dictionary attacks are possible but expensive.
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 19
Information Security 1 (InfSi1)
5.4 DANE
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 20
DNS-based Authentication of Named EntitiesDANE (RFC 6698, August 2012)
• DANE defines a TLSA Resource Record
• Certificate Usage 0 – CA Certificate Constraint 1 – Server Certificate Constraint 2 – Trust Anchor Assertion for Private CA 3 – Domain Issued Certificate
• Selector 0 – Full Certificate 1 – Public Key Info (Public Key plus Key Type Information)
• Matching Type 0 – Exact Match on Selected Content 1 – SHA-256 Hash of Selected Content 2 – SHA-512 Hash of Selected Content
Cert. Usage Selector Matching Type
Certificate Association Data
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 21
DANE – Verifying Server and CA Certificates
Kool CA
Kool CA
TLS Serverwww.hsr.ch
TLS Client
www.hsr.ch
Kool CA
DNS Serverhsr.ch
www.hsr.ch. TLSA 1 0 1
ZSK
SHA-256 Hash
check server certificate
www.hsr.ch. TLSA 0 0 2
ZSK
SHA-512 Hash
check CA certificate
or
private key
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 22
DANE – Getting CA Certificate or Public Key
TLS Serverwww.hsr.ch
TLS Client
www.hsr.ch
HSR CA
DNS Serverhsr.ch
www.hsr.ch. TLSA 2 0 0
ZSK
get CA certificate
HSR CA
HSR CA
orwww.hsr.ch. TLSA 2 1 0
ZSK
get CA public key
private key
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 23
DANE – Verifying Self-Signed Server Certificates
TLS Serverwww.hsr.ch
TLS Client
www.hsr.ch
Self
DNS Serverhsr.ch
www.hsr.ch. TLSA 3 0 1
ZSK
SHA-256 Hash
check server certificate
private key
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 24
DANE – Verifying Raw RSA Keys
TLS Serverwww.hsr.ch
TLS Client
DNS Serverhsr.ch
www.hsr.ch. TLSA 3 1 1
ZSK
SHA-256 Hash
check server public key
private key
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 25
DANE – Getting Server Certificate or Public Key
TLS Serverwww.hsr.ch
TLS Client
DNS Serverhsr.ch
www.hsr.ch. TLSA 3 0 0
ZSK
get server certificate
www.hsr.ch
Self
orwww.hsr.ch. TLSA 3 1 0
ZSK
get server public key
private key
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 26
Information Security 1 (InfSi1)
5.5 DNS Root Signing Process
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 27
DNSSEC Root Zone Signing Process
ICANN Vetting and Processing
TLD OperatorDS
Records
DoC NTIA Authorization of Changes
DSRecord
s
VeriSign Editing and Signing of Root Zone
DSRecord
s
Root Servers (A, ... , M)
DSRecord
s
Root ZSK
ZSK
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 28
DNSSEC Root Zone Signing Key Signing Process
VeriSignZSK Management
ZSK Private Key
ZSK
ZSK
ICANNKSK Management
KSRKey Signing
Request
KSK Private Key
KSK
KSKPublished on Web
Site
ZSK
KSK
SKRSigned Key
Response
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 29
ICANN Key Ceremonies
Tier 1 – Facility – Access Control by Data Center
Tier 2 – Facility – Access Control by Data Center
Tier 3 – Facility – Access Control by Data Center
Tier 4 – Cage – Access Control by Data Center
Tier 5 – Safe Room – Access Control by ICANN
Tier 6 – Safe #1 Tier 6 – Safe #2
Tier 7 – Safe Deposit Box
Crypto Officers‘
Credentials
Tier 7 – HSM
KSK Private Keys
Key CeremonyComputer
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 30
ICANN Key Ceremonies
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 31
Periodic Key Rollover
T-10 T+0 T+10 T+20 T+30 T+40 T+50 T+60 T+70 T+80 T+90
ZSKZSKpost-
publishZSKpre-
publishZSK ZSK ZSK ZSK ZSK ZSK ZSK ZSK ZSK
ZSKpost-
publishZSKpre-
publishZSK
KSKpublish+sig
n
KSKpublish+sig
n
KSKpublish+sig
n
KSKpublish+sig
n
KSKpublish+sig
n
KSKpublish+sig
n
KSKpublish+sig
n
KSKrevoke+sig
n
KSKrevoke+sig
n
KSKpublish
KSKpublish
KSKpublish
KSKpublish
KSKpublish
KSKpublish+sig
n
KSKpublish+sig
n
KSKpublish+sig
n
KSKpublish+sig
n
ZSK Rollover (every 90 days)
Optional KSK Rollover (every 2-5 years or on demand)
RRSIG Validity Period (10 days + 50% overlap)
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx 32
DNSSEC Deployment (October 22, 2013)
• TLDs signed by root zone:• 13 gTLDs: arpa asia biz cat com edu gov info mil museum net
org post• 81 ccTLDS: ac af ag am at be bg br bz ca cc ch cl co cr cx cz de
dk eu fi fo fr gi gl gn gr gs hn in io is jp kg ki kr la lb lc li lk lt lu lv me mm mn my na nc nf nl nu nz pl pm pr pt pw re ru sb sc se sh si su sx tf th tm tt tv tw tz ua ug uk us wf yt
• 8 IDN ccTLDS: xn--kprw13d xn--kpry57d ( 台湾 Taiwan) xn--mgbx4cd0ab (مليسيا Malaysia) xn--3e0b707e ( 한국 South Korea) xn--o3cw4h (ไทย Thailand) xn-l1acc (мон Mongolia) xn-h2brj9c (भा�रत India) xn--p1ai (рф Russia)
• Signing of major gTLDs:• net: December 2010• com: March 2011