© 2006-2012 NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License The details.

Slides:



Advertisements
Similar presentations
© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License DNSSEC ROLLING.
Advertisements

RRSIG:“I certify that this DNS record set is correct” Problem: how to certify a negative response, i.e. that a record doesn’t exist? NSEC:“I certify that.
DNS Transfers in DNSSEC world Olafur Gudmundsson Steve Crocker Shinkuro, Inc.
Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
DNSSEC Brought to you by ISC-BIND, SUNYCT, and: Nick Merante – SUNYIT Comp Sci SysAdmin Nick Gasparovich – SUNYIT Campus SysAdmin Paul Brennan – SUNYIT.
DNS Security Overview AROC Guatemala July What’s the Problem? Until July of 2008 the majority of authoritative DNS servers worldwide were completely.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
DNS Security A.Lioy, F.Maino, M. Marian, D.Mazzocchi Computer and Network Security Group Politecnico di Torino (Italy) presented by: Marius Marian.
DNS Security Extension (DNSSEC). Why DNSSEC? DNS is not secure –Applications depend on DNS ►Known vulnerabilities DNSSEC protects against data spoofing.
1 SecSpider: Distributed DNSSEC Monitoring Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
1 The State and Challenges of the DNSSEC Deployment Eric Osterweil Michael Ryan Dan Massey Lixia Zhang.
Chapter 8 Web Security.
Domain Name System Security Extensions (DNSSEC) Hackers 2.
DNS Security Brad Pokorny The University of Minnesota Informal Security Seminar 4/18/03.
Deploying DNSSEC in Windows Server 2012 Rob Kuehfus Program Manager Microsoft Corporation WSV325.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Domain Name System | DNSSEC. 2  Internet Protocol address uniquely identifies laptops or phones or other devices  The Domain Name System matches IP.
Olaf M. Kolkman. Apricot 2003, February 2003, Amsterdam. /disi Steps towards a secured DNS Olaf M. Kolkman, Henk Uijterwaal, Daniel.
Data You Can Trust: The Key to Information Security Dr. Burt Kaliski, Jr. Senior Vice President and CTO, Verisign 25 th HP Information Security Colloquium.
Tony Kombol ITIS Who knows this? Who controls this? DNS!
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Identity Management and DNS Services Tianyi XING.
DNSSEC Introduction to Concepts Bill Manning
1 DNSSEC at ESnet ESCC/Internet2 Joint Techs Workshop July 19, 2006 R. Kevin Oberman Network Engineer Lawrence Berkeley National Laboratory.
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
TELE 301 Lecture 11: DNS 1 Overview Last Lecture –Scheduled tasks and log management This Lecture –DNS Next Lecture –Address assignment (DHCP)
IIT Indore © Neminath Hubballi
Olaf M. Kolkman. Domain Pulse, February 2005, Vienna. DNSSEC Basics, Risks and Benefits Olaf M. Kolkman
© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Troubleshooting.
Introduction to DNSSEC AROC Bamako, Mali, What is DNSSEC?
DNSSEC an introduction ccTLD workshop November 26-29th, 2007 Amman, Jordan Based on slides from RIPE NCC.
Olaf M. Kolkman. Apricot 2005, February 2005, Kyoto. DNSSEC An Update Olaf M. Kolkman
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
ISOC.NL SIP © 15 March 2007 Stichting NLnet Labs DNSSEC and ENUM Olaf M. Kolkman
© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Practicalities.
Tony Kombol ITIS DNS! overview history features architecture records name server resolver dnssec.
1 DNSSEC Deployment: Big Steps Forward; Several Steps to Go NANOG 32 Deployment D N S S E C Rob Austein Steve Crocker
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
1 DNSSEC Transforming a protocol bug into an admin tool Lutz Donnerhacke db089309: 1c1c 6311 ef09 d819 e029 65be bfb6 c9cb.
Security in DNS(DNSSEC) Yalda Edalat Pramodh Pallapothu.
Olaf M. Kolkman. IETF55, November 2002, Atlanta GA. 1 key-signing key flag [1] & wildcard-optimization [2] Olaf Kolkman [1] with.
DNS Security Extension 1. Implication of Kaminsky Attack Dramatically reduces the complexity and increases the effectiveness of DNS cache poisoning –No.
Private key
By Team Trojans -1 Arjun Ashok Priyank Mohan Balaji Thirunavukkarasu.
Olaf M. Kolkman. IETF58, Minneapolis, November DNSSEC Operational Practices draft-ietf-dnsop-dnssec-operational-practices-00.txt.
Ch 6: DNSSEC and Beyond Updated DNSSEC Objectives of DNSSEC Data origin authentication – Assurance that the requested data came from the genuine.
DNS Cache Poisoning (pretending to be the authoritative zone) ns.example.co m Webserver ( ) DNS Caching Server Client I want to access
Internet infrastructure 1. Infrastructure Security r User expectations  Reliable service  Reliable endpoints – although we know of spoofing and phishing.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Using Digital Signature with DNS. DNS structure Virtually every application uses the Domain Name System (DNS). DNS database maps: –Name to IP address.
DNSSEC an introduction ccTLD workshop November 26-29th, 2007 Amman, Jordan Based on slides from RIPE NCC.
The Secure Sockets Layer (SSL) Protocol
Key management issues in PGP
Security Issues with Domain Name Systems
Lecture 20 DNS Sec Slides adapted from Olag Kampman
Computer Communication & Networks
DNS Cache Poisoning Attack
S/MIME T ANANDHAN.
DNSSEC Basics, Risks and Benefits
A New Approach to DNS Security (DNSSEC)
NET 536 Network Security Lecture 8: DNS Security
The Secure Sockets Layer (SSL) Protocol
NET 536 Network Security Lecture 6: DNS Security
Presentation transcript:

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License The details Presented by Olaf Kolkman (NLnet Labs)

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License DNSSEC Mechanisms New Resource Records Setting Up a Secure Zone Delegating Signing Authority

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Secondary DNS primary DNS Registrars & Registrants Registry Secondary DNS Data flow through the DNS Where are the vulnerable points? Server vulnarability Man in the Middle spoofing & Man in the Middle

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License DNSSEC protects all these end-to-end As an aside: There is a protection mechanism against the man in the middle: TSIG Provides hob-by-hop security TSIG is operationally deployed today Based on shared secret: not scalable

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License What does DNSSEC provide provides message authentication and integrity verification through cryptographic signatures You know who provided the signature No modifications between signing and validation It does not provide authorization It does not provide confidentiality It does not provide protection against DDOS

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Metaphor OK

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Metaphor OK Envelope sealed when data is published in the DNS system Does not provide confidentially The seal protects the delivery process No assertion about the message OKOK

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License primary DNS Secondary DNS Registrars & Registrants Registry Secondary DNS Data flow through the DNS End to end security OKOK OKOK Apply Seal Validate Seal

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Trust and Confidence DNSSEC enables confidence in the DNS It does not change the trust we put in the Registry/Registrar procedures Although introduction of DNSSEC may improve some of the procedures Registry system DNS system

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License The mechanism used Using public key cryptographic algorithms signatures are applied over the DNS data By comparing the signatures with public keys the integrity and authenticity of the data can be established.

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Public key cryptography in a nutshell Two large numbers and an encryption and decryption algorithm If one of the numbers (the private key) and a message are used for encryption The other number (public key) and the decryption algorithm can be used to retrieve the original message

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Message Private Key 3ncypt3d Public Key Message Decription only with matching key: If you can decrypt with a public key you may assert the message was signed with corresponding private key

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Use that for signatures Message Digest Message Digest Private Key S19nature Public Key Decrypted Message Digest Message Message Calculated Message Digest Calculated Message Digest plain text

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License In Practice Key generation and signing is done by tools Validating and signing entity need to communicate which algorithms for hashing and public key cryptography is needed: e.g. RSASHA1, RSASHA256 or DSA

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Holy Trinity Private Key: kept private and stored locally Public Keys: Published in the DNS as a DNSKEY Resource Record Signatures: Published in the DNS as a RRSIG Resource Record

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Signing is done per Zone Each zone has one or more key-pairs for signing If you have the public keys from a zone you can validate signatures made with the corresponding private keys However, signing a complete zone does not scale

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License RRs and RRSets Resource Record: –name TTL class type rdata INA RRset: RRs with same name, class and type: IN A A A RRsets are the atomic data units in the DNS RRsets are signed, not the individual RRs

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License DNSKEY RDATA 16 bits: FLAGS 8 bits: protocol 8 bits: algorithm N*32 bits: public key nlnetlabs.nl IN DNSKEY ( AQOvhvXXU61Pr8sCwELcqqq1g4JJ CALG4C9EtraBKVd+vGIF/unwigfLOA O3nHp/cgGrG6gJYe8OWKYNgq3kDChN)

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License 16 bits - type covered 8 bits - algorithm 8 bits - nr. labels covered 32 bits - original TTL nlnetlabs.nl IN RRSIG A ( nlnetlabs.nl. VJ+8ijXvbrTLeoAiEk/qMrdudRnYZM1VlqhN vhYuAcYKe2X/jqYfMfjfSUrmhPo+0/GOZjW 66DJubZPmNSYXw== ) RRSIG RDATA 32 bit - signature expiration 32 bit - signature inception 16 bit - key tag signer’s name

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Validate Public Keys Make sure you get them from the appropriate entity and configure them as trust-anchors If you validate against the wrong public key there is a problem again For DNSSEC: key distribution through the DNS Ideally only one key needed: that of the root of the DNS hierarchy (more on that later)

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Delegating Signing Authority Chains of Trust

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Validating against configured keys Key distribution does not scale! net. money.net. kids.net. dop corp dev market dilbert unixmac marnick nt os.net. com.. Out of band key-exchanges Secure entry points

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Locally Secured Zones Delegate Signing Security net. money.net. kids.net. dop corp dev market dilbert unixmac marnick nt os.net. com.. Secure entry points NS & DS NS and DS

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Using the DNS to Distribute Keys Secured islands make key distribution problematic Distributing keys through DNS: –Use one trusted key to establish authenticity of other keys –Building chains of trust from the root down –Parents need to sign the keys of their children Only the root key needed in ideal world –Parents always delegate security to child

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Delegation Signer (DS) Delegation Signer (DS) RR indicates that: –delegated zone is digitally signed –indicated key is used for the delegated zone Parent is authorative for the DS of the child’s zone –Not for the NS record delegating the child’s zone! –DS should not be in the child’s zone

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License 16 bits: key tag 8 bits: algorithm 8 bits: digest type 20 bytes: SHA-1 Digest $ORIGIN nlnetlabs.nl. lab.nlnetlabs.nl IN NS ns.lab.nlnetlabs.nl lab.nlnetlabs.nl IN DS ( 239af98b923c023371b52 1g23b92da12f42162b1a9 ) DS RDATA

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Key Problem Interaction with parent administratively expensive Should only be done when needed You might want to lock these in hardware Signing zones should be fast Memory restrictions Space and time concerns Operational exposure higher

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License More Than One Key: KSK and ZSK RRsets are signed, not RRs DS points to specific key Signature from that key over DNSKEY RRset transfers trust to all keys in DNSKEY RRset Key that DS points to only signs DNSKEY RRset Key Signing Key (KSK) Other keys in DNSKEY RRset sign entire zone Zone Signing Key (ZSK)

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License The Important Considerations KSK and ZSK have different ‘shielding’ properties: KSK on smartcard, ZSK on disk ZSK needs ‘daily’ or permanent use. KSK less frequent ZSK change needs no involvement with 3rd parties KSK may need uncontrolled cooperation from 3rd parties

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Initial Key Exchange Child needs to: Send key signing keyset to parent Parent needs to: Check childs zone for DNSKEY & RRSIGs Verify if key can be trusted Generate DS RR

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License $ORIGIN.. DNSKEY (…) 5TQ3s… (8907) ; KSK DNSKEY (…) lasE5… (2983) ; ZSK 1 $ORIGIN net. net. DNSKEY (…) q3dEw… (7834) ; KSK DNSKEY (…) 5TQ3s… (5612) ; ZSK 4 $ORIGIN foo.net. foo.net. DNSKEY (…) rwx002… (4252) ; KSK DNSKEY (…) sovP42… (1111) ; ZSK 7 Walking the Chain of Trust Locally configured Trusted key: RRSIG DNSKEY (…) Hw9.. net. DS ab15… RRSIG DS (…) foo.net. DS ab15… RRSIG DS (…) net RRSIG DNSKEY (…) 7834 net. cMas... 8 RRSIG DNSKEY (…) 4252 foo.net. 5t... A RRSIG A (…) 1111 foo.net. a3... 9

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Data in zone can be trusted if signed by a Zone- Signing-Key Zone-Signing-Keys can be trusted if signed by a Key- Signing-Key Key-Signing-Key can be trusted if pointed to by trusted DS record DS record can be trusted if signed by the parents Zone-Signing-Key or DS or DNSKEY records can be trusted if exchanged out-of-band and locally stored (Secure entry point) Chain of Trust Verification, Summary

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Where are we DNSKEY RRSIG DS

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Offline Signing and Denial of Existence Problems with on-the-fly signing Private key needs to be stored on an Internet facing system Performance, signing is a CPU expensive operation How does one provide a proof that the answer to a question does not exist?

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Points to the next domain name in the zone –also lists what are all the existing RRs for “name” –NSEC record for last name “wraps around” to first name in zone N*32 bit type bit map Used for authenticated denial-of-existence of data –authenticated non-existence of TYPEs and labels Example: IN NSEC nlnetlabs.nl. A RRSIG NSEC NSEC RDATA

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License NSEC Records NSEC RR provides proof of non-existence If the servers response is Name Error (NXDOMAIN): –One or more NSEC RRs indicate that the name or a wildcard expansion does not exist If the servers response is NOERROR: –And empty answer section –The NSEC proves that the QTYPE did not exist More than one NSEC may be required in response –Wildcards NSEC records are generated by tools –Tools also order the zone

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License NSEC Walk NSEC records allow for zone enumeration Providing privacy was not a requirement at the time Zone enumeration is a deployment barrier Solution has been developed: NSEC3 RFC 5155 Complicated piece of protocol work Hard to troubleshoot Only to be used over Delegation Centric Zones

page © NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License NSEC3 A C N ZH(A) H(C) H(N) H(Z) Creates a linked list of the hashed names Non-existence proof of the hash proofs non- existence of original Dictionary attack barriers: –Salt –Iterations

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License New Resource Records Three Public key crypto related RRs –RRSIG: Signature over RRset made using private key –DNSKEY: Public key, needed for verifying a RRSIG –DS: Delegation Signer; ‘Pointer’ for building chains of authentication One RR for internal consistency –NSEC and NSEC3: Indicates which name is the next one in the zone and which typecodes are available for the current name authenticated non-existence of data

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Other Keys in the DNS DNSKEY RR can only be used for DNSSEC –Keys for other applications need to use other RR types CERT –For X.509 certificates Application keys under discussion/development –IPSECKEY SSHFPSummary for now DANE!!!

page © NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Summary and questions You have seen the new RRs and learned what is their content

page © NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Questions? Summary Scaling problem: secure islands Zone signing key, key signing key Chain of trust

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License

© NLnet Labs, Licensed under a Creative Commons Attribution 3.0 Unported License.Creative Commons Attribution 3.0 Unported License Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.