Information Security 1 (InfSi1)

Prof. Dr. Andreas Steffen
Institute for Internet Technologies and Applications (ITA)
Andreas Steffen, 22.10.2013, 5-DNSSEC.pptx

5 DNS Security Extensions DNSSEC


5.1 Kaminsky Attack on the Domain Name Service


DNS Resolution via Recursive Nameserver


DNS Request


DNS Response


Simple DNS Cache Poisoning


Guessing Query ID and UDP Source Port


The Dan Kaminsky DNS Vulnerability – July 2008


5.2 DNS Root Servers


DNS Root Servers

Letter  Operator                              IPv4             IPv6                   Servers
A       VeriSign Inc.                         198.41.0.4       2001:503:BA3E::2:30        8
B       Information Sciences Institute, USC   192.228.79.201   2001:478:65::53 #          1
C       Cogent Communications                 192.33.4.12      -                          8
D       University of Maryland                199.7.91.13      2001:500:2D::D             2
E       NASA Ames Research Center             192.203.230.10   -                         12
F       Internet Systems Consortium Inc.      192.5.5.241      2001:500:2F::F            56
G       US DoD Network Information Center     192.112.36.4     -                          6
H       US Army Research Lab                  128.63.3.53      2001:500:1::803F:235       2
I       Netnod                                192.36.148.17    2001:7FE::53              43
J       VeriSign Inc.                         192.58.128.30    2001:503:C27::2:30        69
K       RIPE NCC                              193.0.14.129     2001:7FD::1               17
L       ICANN                                 199.7.83.42      2001:500:3::42           146
M       WIDE Project                          202.12.27.33     2001:DC3::35               6

Total number of servers: 376


Global Map of Root Servers


5.3 DNS Security Resource Records


DNSSEC Chain of Trust

[Figure: chain of trust from the root zone down to www.switch.ch.
  root:        DNSKEY (KSK)* and DNSKEY (ZSK), DNSKEY RRset signed with KSK/ZSK; the root ZSK signs the ch. DS record
  ch.:         DS (signed by the root ZSK), DNSKEY (KSK) and DNSKEY (ZSK) signed with KSK/ZSK; the ch. ZSK signs the switch.ch. DS record
  switch.ch.:  DS (signed by the ch. ZSK), DNSKEY (KSK) and DNSKEY (ZSK) signed with KSK/ZSK; the switch.ch. ZSK signs switch.ch. NS ns1/ns2 and www.switch.ch. A x.x.x.x]

* explicit import e.g. via trusted web site


DNSSEC Resource Records I - DNSKEY

• DNSKEY - DNS Public Key
  • Contains a public key used to sign the RRsets of a zone

switch.ch. 81154 IN DNSKEY 256 3 5
        AwEAAeCDWwjJO4mXBzayiKf4p7waJ7Ew
        eUnsTsAWkxpfELci4iaVdBugzYPfsZIg
        9R6TIPky3LoPAPmIjCc2fbFkKnrGI7hJ
        jXAGMRwRJIBprFx4BXZSsjsvGb6MGC+e
        xHSlXw== ;{id = 64608 (zsk), size = 768b}

• Flags field
  • 256 -> Zone Signing Key (ZSK)
  • 257 -> Key Signing Key (KSK) with secure entry point (SEP) flag set
• Algorithm field
  • 5 -> SHA-1 with RSA
  • 7 -> SHA-1 with RSA & NSEC3 with SHA-1
  • 8 -> SHA-256 with RSA
  • 10 -> SHA-512 with RSA


DNSSEC Resource Records II - RRSIG

• RRSIG - Resource Record Signature
  • Contains a public key signature over a resource record set (RRset)

merapi.switch.ch. 172800 IN A 130.59.211.10
merapi.switch.ch. 172800 IN RRSIG A 5 3 172800
        20091128231033 20091029231033 64608 switch.ch.
        3KW9YjxdL08FqVYKFSn9
        Q4+8U1iYrVCun+J1Ny8Y
        IiMC+6oQS/GZwRn2mr+H
        MruwEjNB9s7bWGzRmRiR
        TATPvS67gxjCiJkSP58P
        kGJ1dW3wBaz6r1feGNvz
        KhHLhvRe ;{id = 64608}

• Signature Expiration and Inception Fields
  • The signature is not valid before the Inception and after the Expiration date.
• Key Tag Field
  • Contains the key tag of the key which signed the RRset.


DNSSEC Resource Records III - DS

• DS - Delegation Signer
  • Hash computed over the KSK of the child zone, published and signed by the parent zone (the RRSIG below is made with the ch. key 31034)

switch.ch. 3364 IN DS 43837 5 1
        91dcfca519cf8b038441869878cc3610
        60200534
switch.ch. 3364 IN DS 43837 5 2
        838cef7635952df83311a92b48ae7f19
        1ae29484534e38b1ab7b3d0966b9ee55
switch.ch. 3416 IN RRSIG DS 7 2 3600
        20091123183442 20091117220724 31034 ch.
        LPh8RgXQSqPcdQz6s1PJOjTuopO9RxQg
        s1YYCY/CnhYaHxb6ndNBJ7QP20eKN+91
        /ULjN4Ep/k9Pgtos979i5OfEXpfLcWcv
        rKP1xGvqW4PjP+MT1PDs6uKisEUqGBoQ
        p7+nkkzjY+YsDbxtTV+/8uHcSnNmXoMm
        SqPms3G0aw4= ;{id = 31034}
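To make the DNSKEY, RRSIG and DS slides concrete, here is an added example of my own (not code from the lecture), standard-library Python only. It parses the DNSKEY and RRSIG records printed on the slides, computes the key tag per RFC 4034 Appendix B (which should reproduce the id 64608 in the slide's comment, provided the base64 text survived extraction intact), decodes the RSA public key per RFC 3110 to show the 768-bit modulus the slide reports, applies the field checks a validator performs on an RRSIG before the RSA verification itself (RFC 4035 section 5.3.1; the cryptographic check needs an RSA library and is left out), and builds the DS a parent would publish. The DS records on the slide refer to the KSK with key tag 43837, which the slides do not print, so the DS computed here for the ZSK is a demonstration value and will not equal the slide's digests. All function names are mine.

```python
import base64
import hashlib
import struct
from datetime import datetime, timezone

# The two records printed on the DNSKEY and RRSIG slides (switch.ch., November 2009).
DNSKEY_TEXT = ("switch.ch. 81154 IN DNSKEY 256 3 5 "
               "AwEAAeCDWwjJO4mXBzayiKf4p7waJ7Ew" "eUnsTsAWkxpfELci4iaVdBugzYPfsZIg"
               "9R6TIPky3LoPAPmIjCc2fbFkKnrGI7hJ" "jXAGMRwRJIBprFx4BXZSsjsvGb6MGC+e" "xHSlXw==")
RRSIG_TEXT = ("merapi.switch.ch. 172800 IN RRSIG A 5 3 172800 20091128231033 20091029231033 "
              "64608 switch.ch. "
              "3KW9YjxdL08FqVYKFSn9" "Q4+8U1iYrVCun+J1Ny8Y" "IiMC+6oQS/GZwRn2mr+H"
              "MruwEjNB9s7bWGzRmRiR" "TATPvS67gxjCiJkSP58P" "kGJ1dW3wBaz6r1feGNvz" "KhHLhvRe")

ALGORITHMS = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1", 8: "RSASHA256", 10: "RSASHA512"}
DS_DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256}  # DS digest type 1 = SHA-1, 2 = SHA-256


def key_tag(rdata):
    """Key tag of a DNSKEY RDATA, RFC 4034 Appendix B (all algorithms except 1)."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += (b << 8) if i % 2 == 0 else b
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def parse_dnskey(text):
    """Parse DNSKEY presentation format; the key material follows RFC 3110
    (exponent length, exponent, modulus), so the field decoding below is RSA-only."""
    owner, _ttl, _cls, rtype, flags, proto, alg, *b64 = text.split()
    assert rtype == "DNSKEY"
    flags, proto, alg = int(flags), int(proto), int(alg)
    pub = base64.b64decode("".join(b64))
    rdata = struct.pack("!HBB", flags, proto, alg) + pub
    elen, off = (pub[0], 1) if pub[0] else (int.from_bytes(pub[1:3], "big"), 3)
    return {"owner": owner, "flags": flags, "algorithm": alg,
            "algorithm_name": ALGORITHMS.get(alg, "unknown"),
            # Flags bit 7 (0x100) = Zone Key, bit 15 (0x1) = SEP: 256 = ZSK, 257 = KSK
            "role": "KSK" if flags & 1 else "ZSK",
            "key_tag": key_tag(rdata), "rdata": rdata,
            "exponent": int.from_bytes(pub[off:off + elen], "big"),
            "modulus_bits": int.from_bytes(pub[off + elen:], "big").bit_length()}


def dns_time(yyyymmddhhmmss):
    """RRSIG Inception/Expiration fields are YYYYMMDDHHmmSS in UTC."""
    return datetime.strptime(yyyymmddhhmmss, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)


def parse_rrsig(text):
    """Parse RRSIG presentation format (RFC 4034 section 3)."""
    (owner, _ttl, _cls, rtype, covered, alg, labels, orig_ttl,
     expiration, inception, tag, signer, *b64) = text.split()
    assert rtype == "RRSIG"
    return {"owner": owner, "type_covered": covered, "algorithm": int(alg),
            "labels": int(labels), "original_ttl": int(orig_ttl),
            "expiration": dns_time(expiration), "inception": dns_time(inception),
            "key_tag": int(tag), "signer": signer,
            "signature": base64.b64decode("".join(b64))}


def rrsig_problems(sig, key, now):
    """Field checks a validator makes before the RSA verification (RFC 4035 section 5.3.1);
    returns the failed ones. The cryptographic check needs an RSA library and is not done here."""
    checks = [(sig["signer"] == key["owner"], "signer name is not the key owner"),
              (sig["algorithm"] == key["algorithm"], "algorithm mismatch"),
              (sig["key_tag"] == key["key_tag"], "key tag mismatch"),
              (bool(key["flags"] & 0x100), "Zone Key flag not set"),
              (now >= sig["inception"], "signature not yet valid"),
              (now <= sig["expiration"], "signature expired")]
    return [msg for ok, msg in checks if not ok]


def owner_wire(name):
    """Canonical wire form of an owner name: lowercase, length-prefixed labels, root label."""
    labels = [l.lower() for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def ds_record(key, digest_type, ttl=3600):
    """DS record a parent publishes for a child DNSKEY (RFC 4034 section 5.1.4):
    digest = hash(canonical owner name | DNSKEY RDATA)."""
    digest = DS_DIGESTS[digest_type](owner_wire(key["owner"]) + key["rdata"]).hexdigest()
    return f'{key["owner"]} {ttl} IN DS {key["key_tag"]} {key["algorithm"]} {digest_type} {digest}'


if __name__ == "__main__":
    key, sig = parse_dnskey(DNSKEY_TEXT), parse_rrsig(RRSIG_TEXT)
    print(f'{key["role"]} {key["algorithm_name"]} {key["modulus_bits"]} bits, key tag {key["key_tag"]}')
    for when in ("20091115000000", "20091201000000"):   # inside and after the validity window
        print(when, rrsig_problems(sig, key, dns_time(when)) or "field checks pass")
    print(ds_record(key, 2))
```

The RRSIG's key tag, algorithm and signer name only tell a validator which DNSKEY to try; a key tag is not unique, so a mismatch rules a key out but a match still has to be confirmed by the signature itself. Likewise the DS digest binds the child's KSK to the parent only together with the parent's RRSIG over the DS RRset.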


DNSSEC Resource Records IV - NSEC

• NSEC – Next Owner Name
  • Authenticated denial of existence of an owner name

merapi.switch.ch. 180 IN NSEC mercury.switch.ch.
        A PTR AAAA LOC RRSIG NSEC
merapi.switch.ch. 180 IN RRSIG NSEC 5 3 180
        20091128231033 20091029231033 64608 switch.ch.
        kW1SnXWoJKwOHEG1P3INI83EOGuQ
        GujwvBT/MSWVQ+ms/2DXxjQcpt1Z
        P07+XI51cc0t7erUUG31KZdmUpXZ
        tQzPUJh49jjLh9aTjRiH1xGhlxv5
        af+N95JDykRGSOAq ;{id = 64608}

• Proof that there is no name between merapi.switch.ch. and mercury.switch.ch.
• Allows enumeration of complete zone data!!!


DNSSEC Resource Records V - NSEC3

• NSEC3 – Next Owner Name in Hashed Order
  • Hashed Authenticated Denial of Existence

h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 691 IN NSEC3 1 1 1 d399eaab
        h9rsfb7fpf2l8hg35cmpc765tdk23rp6
        NS SOA RRSIG DNSKEY NSEC3PARAM ; flags: optout
h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 691 IN RRSIG NSEC3 7 2 86400
        20091202211702 20091118201702 5273 org.
        a+CC37hRM7yCFBaZn2SeRgY9h247GXptCuBYf45TwaoR
        xvBwTAXPT+UwZ/4hxwc2v7AR7ZZ8UOMiNJvYsl59eFW8
        Xtgws4/Aih0fJ2/O8yUHwI695fRf9PrpxXEpqzStjSZP
        5arJ1oldDAHcnxgLqdAMW6wnK1FNrslfJblJlmU= ;{id = 5273}

• Proof that there is no name between org. and ???.org.
• Does not allow straight enumeration of zone data!
• Dictionary attacks are possible but expensive.
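The two denial-of-existence slides above (NSEC and NSEC3) are served by one added example of my own, not code from the lecture. It evaluates what the NSEC record on the slide proves about a query, which requires the DNSSEC canonical name ordering of RFC 4034 section 6.1, and computes NSEC3 hashed owner names per RFC 5155 section 5 with the parameters of the org. record on the slide (SHA-1, flags 1 = Opt-Out, 1 iteration, salt d399eaab). The types at that NSEC3 owner (NS, SOA, DNSKEY, NSEC3PARAM) are the ones found at a zone apex, so hashing org. with the record's own parameters should reproduce the owner label if the slide's transcription is exact; the main block prints both for comparison. Function names and the query names used are mine.

```python
import base64
import hashlib

# Records copied from the slides (switch.ch. NSEC and org. NSEC3, November 2009).
NSEC_OWNER = "merapi.switch.ch."
NSEC_NEXT = "mercury.switch.ch."
NSEC_TYPES = {"A", "PTR", "AAAA", "LOC", "RRSIG", "NSEC"}
# NSEC3 parameters "1 1 1 d399eaab": hash algorithm 1 (SHA-1), flags 1 (Opt-Out),
# 1 additional iteration, salt d399eaab
NSEC3_OWNER_HASH = "h9p7u7tr2u91d0v0ljs9l1gidnp90u3h"
NSEC3_NEXT_HASH = "h9rsfb7fpf2l8hg35cmpc765tdk23rp6"
NSEC3_TYPES = {"NS", "SOA", "RRSIG", "DNSKEY", "NSEC3PARAM"}
NSEC3_ITERATIONS = 1
NSEC3_SALT = bytes.fromhex("d399eaab")


def canonical_key(name):
    """Sort key for DNSSEC canonical ordering (RFC 4034 section 6.1): compare label by
    label starting at the root, case-insensitively; a label that is a prefix sorts first."""
    labels = [l.lower().encode("ascii") for l in name.rstrip(".").split(".") if l]
    return tuple(reversed(labels))


def nsec_status(qname, qtype, owner=NSEC_OWNER, next_name=NSEC_NEXT, types=NSEC_TYPES):
    """What one NSEC record proves about (qname, qtype): 'nodata' when qname is the owner
    but the type is absent, 'nxdomain' when qname sorts strictly between owner and next
    name, None when this record says nothing about qname."""
    q, o, n = canonical_key(qname), canonical_key(owner), canonical_key(next_name)
    if q == o:
        return None if qtype in types else "nodata"
    wraps = n <= o   # the last NSEC of a zone points back to the apex
    if o < q < n or (wraps and (q > o or q < n)):
        return "nxdomain"
    return None


def wire_name(name):
    """Canonical wire format: lowercase, length-prefixed labels, terminated by the root label."""
    return b"".join(bytes([len(l)]) + l for l in reversed(canonical_key(name))) + b"\x00"


def base32hex(data):
    """Base 32 with the Extended Hex alphabet (RFC 4648 section 7), lowercase and unpadded;
    unlike plain base32 it preserves the sort order of the hash values."""
    table = str.maketrans("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567", "0123456789abcdefghijklmnopqrstuv")
    return base64.b32encode(data).decode("ascii").rstrip("=").translate(table)


def nsec3_hash(name, iterations=NSEC3_ITERATIONS, salt=NSEC3_SALT):
    """NSEC3 hashed owner name (RFC 5155 section 5): SHA-1(wire name | salt), followed by
    'iterations' further rounds of SHA-1(previous digest | salt)."""
    digest = hashlib.sha1(wire_name(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base32hex(digest)


def nsec3_status(qname, qtype, owner_hash=NSEC3_OWNER_HASH, next_hash=NSEC3_NEXT_HASH,
                 types=NSEC3_TYPES, iterations=NSEC3_ITERATIONS, salt=NSEC3_SALT):
    """Same question as nsec_status, asked about hashed names. A complete NXDOMAIN proof
    also needs the closest-encloser and wildcard NSEC3 records, and with Opt-Out set the
    covered span may contain unsigned delegations; this looks at the single record only."""
    h = nsec3_hash(qname, iterations, salt)
    if h == owner_hash:
        return None if qtype in types else "nodata"
    wraps = next_hash <= owner_hash
    if owner_hash < h < next_hash or (wraps and (h > owner_hash or h < next_hash)):
        return "nxdomain"
    return None


if __name__ == "__main__":
    for name, qtype in [("merapi2.switch.ch.", "A"), ("merapi.switch.ch.", "MX"),
                        ("x.merapi.switch.ch.", "A"), ("www.switch.ch.", "A")]:
        print(f"{name:22} {qtype:3} -> {nsec_status(name, qtype)}")
    print("H(org.) =", nsec3_hash("org."), " owner =", NSEC3_OWNER_HASH)
```

The NSEC check makes the enumeration problem the slide warns about obvious: the next owner name is returned in clear, so a client that queries names just past each "next" field walks the whole zone. With NSEC3 the same walk yields only hashes, which is why the slide calls enumeration expensive rather than impossible; the salt and iteration count are what make guessing the names behind those hashes costly.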


5.4 DANE


DNS-based Authentication of Named Entities DANE (RFC 6698, August 2012)

• DANE defines a TLSA Resource Record
  • Certificate Usage
    0 – CA Certificate Constraint
    1 – Server Certificate Constraint
    2 – Trust Anchor Assertion for Private CA
    3 – Domain Issued Certificate
  • Selector
    0 – Full Certificate
    1 – Public Key Info (Public Key plus Key Type Information)
  • Matching Type
    0 – Exact Match on Selected Content
    1 – SHA-256 Hash of Selected Content
    2 – SHA-512 Hash of Selected Content

TLSA RDATA layout: Cert. Usage | Selector | Matching Type | Certificate Association Data


DANE – Verifying Server and CA Certificates

[Figure: TLS client and TLS server www.hsr.ch; the server certificate is issued by "Kool CA" and the server holds the matching private key. The client fetches the TLSA records of www.hsr.ch from the hsr.ch DNS server (RRset signed with the zone ZSK):
  www.hsr.ch. TLSA 1 0 1  SHA-256 hash -> check server certificate
  or
  www.hsr.ch. TLSA 0 0 2  SHA-512 hash -> check CA certificate (Kool CA)]


DANE – Getting CA Certificate or Public Key

[Figure: TLS client and TLS server www.hsr.ch; the server certificate is issued by "HSR CA" and the server holds the matching private key. The client fetches the TLSA records of www.hsr.ch from the hsr.ch DNS server (RRset signed with the zone ZSK):
  www.hsr.ch. TLSA 2 0 0  -> get CA certificate (HSR CA)
  or
  www.hsr.ch. TLSA 2 1 0  -> get CA public key (HSR CA)]


DANE – Verifying Self-Signed Server Certificates

[Figure: TLS client and TLS server www.hsr.ch with a self-signed certificate and the matching private key. The client fetches the TLSA record of www.hsr.ch from the hsr.ch DNS server (RRset signed with the zone ZSK):
  www.hsr.ch. TLSA 3 0 1  SHA-256 hash -> check server certificate]


DANE – Verifying Raw RSA Keys

[Figure: TLS client and TLS server www.hsr.ch holding a raw RSA key pair (private key on the server). The client fetches the TLSA record of www.hsr.ch from the hsr.ch DNS server (RRset signed with the zone ZSK):
  www.hsr.ch. TLSA 3 1 1  SHA-256 hash -> check server public key]


DANE – Getting Server Certificate or Public Key

[Figure: TLS client and TLS server www.hsr.ch with a self-signed certificate and the matching private key. The client fetches the TLSA records of www.hsr.ch from the hsr.ch DNS server (RRset signed with the zone ZSK):
  www.hsr.ch. TLSA 3 0 0  -> get server certificate
  or
  www.hsr.ch. TLSA 3 1 0  -> get server public key]
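The TLSA field definitions and the five scenarios above are illustrated by this added example of my own (not code from the lecture). It builds and evaluates TLSA records for every usage/selector/matching-type combination shown on the slides. The DER byte strings are constructed placeholders standing in for the objects a real client would take from the TLS handshake (for example the DER certificate returned by ssl's `getpeercert(binary_form=True)`), and the SubjectPublicKeyInfo would be extracted from that certificate with an ASN.1 library; both are passed in here as given. The owner name follows RFC 6698 section 3 (`_443._tcp.www.hsr.ch`), which the slides abbreviate to www.hsr.ch. Function names are mine.

```python
import hashlib

# Constructed stand-ins for the DER-encoded objects a TLS client takes from the handshake;
# they are labels, not real certificates or keys.
SERVER_CERT_DER = b"<constructed DER: www.hsr.ch end-entity certificate>"
SERVER_SPKI_DER = b"<constructed DER: www.hsr.ch SubjectPublicKeyInfo>"
CA_CERT_DER = b"<constructed DER: Kool CA certificate>"
CA_SPKI_DER = b"<constructed DER: Kool CA SubjectPublicKeyInfo>"

CERT_USAGE = {0: "CA Certificate Constraint", 1: "Server Certificate Constraint",
              2: "Trust Anchor Assertion for Private CA", 3: "Domain Issued Certificate"}
SELECTOR = {0: "Full Certificate", 1: "Public Key Info"}
MATCHING_TYPE = {0: lambda d: d,                             # exact match on selected content
                 1: lambda d: hashlib.sha256(d).digest(),    # SHA-256 hash
                 2: lambda d: hashlib.sha512(d).digest()}    # SHA-512 hash


def tlsa_owner(host, port=443, proto="tcp"):
    """RFC 6698 section 3 places the record at _port._proto.host; the slides abbreviate it."""
    return f"_{port}._{proto}.{host}"


def association_data(cert_der, spki_der, selector, matching_type):
    """Certificate Association Data: select full certificate or SPKI, then apply the matching type."""
    return MATCHING_TYPE[matching_type](cert_der if selector == 0 else spki_der)


def make_tlsa(host, usage, selector, matching_type, cert_der, spki_der):
    """Presentation-format TLSA record as the zone operator would publish it."""
    data = association_data(cert_der, spki_der, selector, matching_type)
    return f"{tlsa_owner(host)} IN TLSA {usage} {selector} {matching_type} {data.hex()}"


def parse_tlsa(text):
    """Parse a presentation-format TLSA record back into its fields."""
    owner, _cls, rtype, usage, selector, matching_type, *hexdata = text.split()
    assert rtype == "TLSA"
    return {"owner": owner, "usage": int(usage), "selector": int(selector),
            "matching_type": int(matching_type), "data": bytes.fromhex("".join(hexdata))}


def tlsa_matches(record, chain):
    """Apply one TLSA record to the presented chain, a list of (cert_der, spki_der) pairs with
    the server certificate first. Usages 1 and 3 constrain the server certificate, usages 0
    and 2 a CA certificate further up the chain. Usages 0 and 1 additionally require normal
    PKIX path validation and usage 2 path validation up to the asserted anchor; neither is
    done here, and the TLSA RRset must have passed DNSSEC validation before it is trusted."""
    candidates = chain[:1] if record["usage"] in (1, 3) else chain[1:]
    want = record["data"]
    return any(association_data(c, s, record["selector"], record["matching_type"]) == want
               for c, s in candidates)


if __name__ == "__main__":
    chain = [(SERVER_CERT_DER, SERVER_SPKI_DER), (CA_CERT_DER, CA_SPKI_DER)]
    # the parameter combinations used on the DANE slides
    for usage, selector, mt, cert, spki in [(1, 0, 1, *chain[0]), (0, 0, 2, *chain[1]),
                                            (2, 0, 0, *chain[1]), (2, 1, 0, *chain[1]),
                                            (3, 0, 1, *chain[0]), (3, 1, 1, *chain[0]),
                                            (3, 0, 0, *chain[0]), (3, 1, 0, *chain[0])]:
        rec = parse_tlsa(make_tlsa("www.hsr.ch", usage, selector, mt, cert, spki))
        verdict = "match" if tlsa_matches(rec, chain) else "no match"
        print(f"TLSA {usage} {selector} {mt}: {CERT_USAGE[usage]}, {SELECTOR[selector]} -> {verdict}")
```

Matching type 0 puts the whole certificate or public key into DNS, which is what the "get CA certificate" and "get server certificate" slides rely on; the hashed types keep the record small but then require the object to be presented in the TLS handshake. In either case the whole construction rests on the TLSA RRset being DNSSEC-validated: an unsigned TLSA answer gives an attacker who can spoof DNS a way to substitute any certificate of their choosing.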


5.5 DNS Root Signing Process


DNSSEC Root Zone Signing Process

[Figure: flow of DS records into the root zone:
  TLD Operator -> DS records -> ICANN Vetting and Processing -> DS records -> DoC NTIA Authorization of Changes -> DS records -> VeriSign Editing and Signing of Root Zone (signed with the Root ZSK) -> DS records -> Root Servers (A, ... , M)]


DNSSEC Root Zone Signing Key Signing Process

[Figure: VeriSign ZSK Management holds the ZSK private key and sends the ZSK to ICANN KSK Management in a KSR (Key Signing Request); ICANN KSK Management holds the KSK private key, signs the ZSK and returns the SKR (Signed Key Response); the KSK is published on the web site.]


ICANN Key Ceremonies

• Tier 1 – Facility – Access Control by Data Center
• Tier 2 – Facility – Access Control by Data Center
• Tier 3 – Facility – Access Control by Data Center
• Tier 4 – Cage – Access Control by Data Center
• Tier 5 – Safe Room – Access Control by ICANN
• Tier 6 – Safe #1 and Safe #2
  • Tier 7 – Safe Deposit Box (in Safe #1): Crypto Officers' Credentials
  • Tier 7 – HSM (in Safe #2): KSK Private Keys
• Key Ceremony Computer



Periodic Key Rollover

[Figure: timeline from T-10 to T+90 in 10-day steps.
  ZSK row: the new ZSK is pre-published at T-10, signs from T+0, the old ZSK is post-published until T+10; the following ZSK is pre-published again at T+80.
  KSK row: publish+sign during normal operation; for a rollover the new KSK goes through publish, then publish+sign, while the old KSK goes to revoke+sign.]

• ZSK Rollover (every 90 days)
• Optional KSK Rollover (every 2-5 years or on demand)
• RRSIG Validity Period (10 days + 50% overlap)
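To show why the pre-publish and post-publish periods on the timeline have to be as long as they are, here is an added simulation of my own (not code from the lecture) of the ZSK rollover schedule with the slide's numbers: a new ZSK every 90 days, pre-published 10 days before it signs and kept 10 days after, RRSIGs valid for 10 days. I read "50% overlap" as re-signing the zone every 5 days, halfway through each validity period; that reading, the day-based model and the function names are mine. The invariant checked is the one a validator needs: every RRSIG that can still be in a cache must have been made with a ZSK that is still in the published DNSKEY RRset. The KSK rollover steps on the slide (publish, publish+sign, revoke+sign) are not modelled.

```python
# Schedule from the slide; days are counted from the activation of ZSK 0, so T+0 on the
# slide corresponds to day 90, where ZSK 1 takes over from ZSK 0.
ZSK_LIFETIME = 90   # ZSK Rollover (every 90 days)
PRE_PUBLISH = 10    # new ZSK in the DNSKEY RRset 10 days before it starts signing (T-10)
POST_PUBLISH = 10   # old ZSK kept in the DNSKEY RRset 10 days after it stops signing (T+10)
SIG_VALIDITY = 10   # RRSIG Validity Period (10 days ...)
RESIGN_EVERY = 5    # ... + 50% overlap: my reading is that the zone is re-signed every 5 days


def signing_zsk(day, lifetime=ZSK_LIFETIME):
    """Index of the ZSK that produces RRSIGs on a given day."""
    return day // lifetime


def published_zsks(day, lifetime=ZSK_LIFETIME, pre=PRE_PUBLISH, post=POST_PUBLISH):
    """Indices of the ZSKs present in the DNSKEY RRset on a given day (pre-publish rollover:
    a key is visible from 'pre' days before it signs until 'post' days after it stops)."""
    current = day // lifetime
    keys = set()
    for k in range(max(current - 1, 0), current + 2):
        starts, stops = k * lifetime, (k + 1) * lifetime   # signing interval [starts, stops)
        if starts - pre <= day < stops + post:
            keys.add(k)
    return keys


def cached_signatures(day, validity=SIG_VALIDITY, every=RESIGN_EVERY, lifetime=ZSK_LIFETIME):
    """(signing day, key index) of every RRSIG a resolver may still hold on 'day': the zone
    is re-signed every 'every' days and each RRSIG stays valid for 'validity' days."""
    return [(d, signing_zsk(d, lifetime)) for d in range(0, day + 1, every) if d + validity >= day]


def first_unsafe_day(horizon, lifetime=ZSK_LIFETIME, pre=PRE_PUBLISH, post=POST_PUBLISH,
                     validity=SIG_VALIDITY, every=RESIGN_EVERY):
    """Rollover invariant: on every day there is a valid RRSIG, and every RRSIG still valid
    was made with a ZSK that is still in the DNSKEY RRset that day. Returns the first day
    that breaks the invariant, or None if the schedule is safe over the whole horizon."""
    for day in range(horizon):
        published = published_zsks(day, lifetime, pre, post)
        alive = cached_signatures(day, validity, every, lifetime)
        if not alive or any(key not in published for _, key in alive):
            return day
    return None


if __name__ == "__main__":
    for day in (80, 85, 90, 95, 100, 105):
        print(f"day {day:3}: signing with ZSK {signing_zsk(day)}, published {sorted(published_zsks(day))}")
    print("slide parameters safe over 400 days:", first_unsafe_day(400) is None)
    print("post-publish cut to 3 days breaks on day", first_unsafe_day(400, post=3))
    print("re-signing only every 20 days breaks on day", first_unsafe_day(400, every=20))
```

Shortening the post-publish period below the RRSIG validity leaves cached signatures whose key has vanished from the DNSKEY RRset, which a validating resolver reports as bogus; stretching the re-signing interval beyond the validity period leaves days with no valid signature at all. In practice the DNSKEY TTL has to be added to both margins, since a cache may keep serving the old RRset for that long.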


DNSSEC Deployment (October 22, 2013)

• TLDs signed by root zone:
  • 13 gTLDs: arpa asia biz cat com edu gov info mil museum net org post
  • 81 ccTLDs: ac af ag am at be bg br bz ca cc ch cl co cr cx cz de dk eu fi fo fr gi gl gn gr gs hn in io is jp kg ki kr la lb lc li lk lt lu lv me mm mn my na nc nf nl nu nz pl pm pr pt pw re ru sb sc se sh si su sx tf th tm tt tv tw tz ua ug uk us wf yt
  • 8 IDN ccTLDs: xn--kprw13d xn--kpry57d (台湾 Taiwan), xn--mgbx4cd0ab (مليسيا Malaysia), xn--3e0b707e (한국 South Korea), xn--o3cw4h (ไทย Thailand), xn--l1acc (мон Mongolia), xn--h2brj9c (भारत India), xn--p1ai (рф Russia)
• Signing of major gTLDs:
  • net: December 2010
  • com: March 2011