Click here to load reader

SecuringDNSandTLSUsing DNSSEC)and)DANE - Confex · PDF fileSecuringDNSandTLSUsing DNSSEC)and)DANE& Dan&York,&CISSP,&InternetSociety& ... Email&Hijacking&–A&CurrentThreat ... communicaon&between&the&browser&and&the&web&

  • View
    212

  • Download
    0

Embed Size (px)

Text of SecuringDNSandTLSUsing DNSSEC)and)DANE - Confex · PDF fileSecuringDNSandTLSUsing...

9/7/16

1

Securing DNS and TLS Using DNSSEC and DANE

Dan York, CISSP, Internet Society [email protected]

2

About the Internet Society (ISOC) Founded in 1992 as the organizaEonal home of the

Internet Engineering Task Force (IETF) Works in the areas of technology, policy and development

to promote an open accessible Internet for everyone. 90,000 individual members, 141 organizaEonal members,

122 chapters, 87 staff, acEve in 103 countries. 2016 focus: connecFng the unconnected and promoFng

and restoring trust in the Internet. www.internetsociety.org

9/7/16

2

Trusted Internet Trust in privacy of informaEon (ex. encrypEon)

Trust in online idenEty systems (ex. Kantara)

Trust in network communicaEon (ex. TLS, DANE)

Trust in Internet idenEfiers (ex. DNSSEC)

Trust in the Internets core infrastructure (ex. MANRS)

Trust in cryptography (ex. Cryptech)

4

h^ps://www.flickr.com/photos/powerbooktrance/466709245/ CC BY

Email Hijacking A Current Threat CERT-CC researchers have idenEfied that someone is

hijacking email by using DNS cache poisoning of MX records Could be prevented by DNSSEC deployment CERT-CC (Sept 10, 2014):

- h^ps://www.cert.org/blogs/certcc/post.cfm?EntryID=206 Deploy360 blog post (Sept 12, 2014):

- h^p://wp.me/p4eijv-5jI

9/7/16

3

What Problem Is DNSSEC Trying To Solve? DNSSEC = "DNS Security Extensions"

Defined in RFCs 4033, 4034, 4035 OperaEonal PracEces: RFC 4641

Ensures that the informaEon entered into DNS by the domain name holder is the SAME informaEon retrieved from DNS by an end user.

Let's walk through an example to explain 7

A Normal DNS InteracEon

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver

example.com? 1

2

3

4

10.1.1.123

Resolver checks its local cache. If it has the answer, it sends it back.

example.com 10.1.1.123

If not

8

A Normal DNS InteracEon

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver

10.1.1.123

125

6

DNS Svr example.com

DNS Svr .com

DNS Svr root

3

10.1.1.123 4

example.com NS

.com NS

example.com?

9

9/7/16

4

DNS Works On Speed First result received by a DNS resolver is treated as the

correct answer.

Opportunity is there for an a^acker to be the first one to get an answer to the DNS resolver, either by: Genng to the correct point in the network to provide faster responses;

Blocking the responses from the legiEmate servers (ex. execuEng a Denial of Service a^ack against the legiEmate servers to slow their responses)

10

A^acking DNS

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver

10.1.1.123

125

6

DNS Svr example.com

DNS Svr .com

DNS Svr root

3

192.168.2.2 4

A^ackingDNS Svr example.com

192.168.2.2

example.com NS

.com NS

example.com?

11

A Poisoned Cache

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver 1

2

3

4

192.168.2.2

Resolver cache now has wrong data:

example.com 192.168.2.2

This stays in the cache unEl the Time-To-Live (TTL) expires!

example.com?

12

9/7/16

5

How Does DNSSEC Help? DNSSEC introduces new DNS records for a domain:

RRSIG a signature ("hash") of a set of DNS records DNSKEY a public key that a resolver can use to validate RRSIG

A DNSSEC-validaEng DNS resolver: Uses DNSKEY to perform a hash calculaEon on received DNS records

Compares result with RRSIG records. If results match, records are the same as those transmi^ed. If the results do NOT match, they were potenEally changed during the travel from the DNS server.

13

A DNSSEC InteracEon

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver

10.1.1.123 DNSKEY RRSIGs

125

6

DNS Svr example.com

DNS Svr .com

DNS Svr root

3

10.1.1.123 4

example.com?

14

A DNSSEC InteracEon

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver

10.1.1.123 DNSKEY RRSIGs

125

6

DNS Svr example.com

DNS Svr .com

DNS Svr root

3

10.1.1.123 4

example.com NS DS

.com NS DS

example.com?

15

9/7/16

6

The Global Chain of Trust

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver

10.1.1.123 DNSKEY RRSIGs

125

6

DNS Svr example.com

DNS Svr .com

DNS Svr root

3

10.1.1.123 4

example.com NS DS

.com NS DS

example.com?

16

A^empEng to Spoof DNS

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver

10.1.1.123 DNSKEY RRSIGs

125

6

DNS Svr example.com

DNS Svr .com

DNS Svr root

3

A^ackingDNS Svr example.com

192.168.2.2 DNSKEY RRSIGs

example.com NS DS

.com NS DS

example.com?

17

A^empEng to Spoof DNS

Web Server

Web Browser

h^ps://example.com/

web page

DNS Resolver

10.1.1.123 DNSKEY RRSIGs

125

6

DNS Svr example.com

DNS Svr .com

DNS Svr root

3

SERVFAIL 4

A^ackingDNS Svr example.com

192.168.2.2 DNSKEY RRSIGs

example.com NS DS

.com NS DS

example.com?

18

9/7/16

7

What DNSSEC Proves: "These ARE the IP addresses you are looking for." (or they are not)

Ensures that informaEon entered into DNS by the domain name holder (or the operator of the DNS hosEng service for the domain) is the SAME informaEon that is received by the end user.

9/7/16 19

The Two Parts of DNSSEC Signing ValidaEng

ISPs

Enterprises

ApplicaEons

DNS HosEng

Registrars

Registries

20

DNSSEC Signing - The Individual Steps

Registry

Registrar

DNS Operator (or DNS HosEng

Provider)

Domain Name Registrant

Signs TLD Accepts DS records Publishes/signs records Accepts DS records Sends DS to registry Provides UI for mgmt Signs zones Publishes all records Provides UI for mgmt

Enables DNSSEC (unless automaEc)

21

9/7/16

8

DNSSEC and TLS/SSL

22

Why Do I Need DNSSEC If I Have TLS? A common quesEon:

why do I need DNSSEC if I already have a SSL cer8ficate? (or an "EV-SSL" cer8ficate?)

Transport Layer Security (TLS), someEmes called by its older name of SSL, solves a different issue it provides encrypEon and protecEon of the communicaEon between the browser and the web server

23

The Typical TLS Web InteracEon Web Server

Web Browser

h^ps://example.com/

TLS-encrypted web page

DNS Resolver

example.com?

10.1.1.123 1

2

5

6DNS Svr example.com

DNS Svr .com

DNS Svr root

3

10.1.1.123 4

9/7/16

9

The Typical TLS Web InteracEon Web Server

Web Browser

h^ps://example.com/

TLS-encrypted web page

DNS Resolver

10.1.1.123 1

2

5

6DNS Svr example.com

DNS Svr .com

DNS Svr root

3

10.1.1.123 4

Is this encrypted with the CORRECT cerEficate?

example.com?

What About This? Web Server

Web Browser

h^ps://www.example.com/ TLS-encrypted web page with CORRECT cerEficate

DNS Server

www.example.com?

1.2.3.4 1

2

Firewall (or a^acker)

h^ps://www.example.com/

TLS-encrypted web page with NEW cerEficate (re-signed by firewall)

26

Problems? Web Server

Web Browser

h^ps://www.example.com/ TLS-encrypted web page with CORRECT cerEficate

DNS Server

www.example.com?

1.2.3.4 1

2

Firewall

h^ps://www.example.com/

TLS-encrypted web page with NEW cerEficate (re-signed by firewall)

27

9/7/16

10

Problems? Web Server

Web Browser

h^ps://www.example.com/ TLS-encrypted web page with CORRECT cerEficate

DNS Server

www.example.com?

1.2.3.4 1

2

Firewall

h^ps://www.example.com/

Log files or other servers

PotenEally including personal informaEon

TLS-encrypted web page with NEW cerEficate (re-signed by firewall)

28

Issues A CerEficate Authority (CA) can sign ANY domain.

Now over 1,500 CAs there have been compromises where valid certs were issued for domains.

Middle-boxes such as firewalls can re-sign sessions.

29

DNS-Based AuthenEcaEon of Named EnEEes (DANE) Q: How do you kno