Information Security 1 (InfSi1)

Presentation Transcript


  1. Information Security 1 (InfSi1) 5 DNS Security Extensions DNSSEC. Prof. Dr. Andreas Steffen, Institute for Internet Technologies and Applications (ITA)

  2. Information Security 1 (InfSi1) 5.1 Kaminsky Attack on the Domain Name Service

  3. DNS Resolution via Recursive Nameserver

  4. DNS Request

  5. DNS Response

  6. Simple DNS Cache Poisoning

  7. Guessing Query ID and UDP Source Port

  8. The Dan Kaminsky DNS Vulnerability – July 2008
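The mechanism behind slides 6 to 8, as an added example that is not part of the lecture: a toy in-memory resolver (no sockets; example.com, ns.example.com, the address 6.6.6.6 and the fixed port 53000 are constructed placeholders) that accepts a reply only when query ID, UDP port and question match and applies a bailiwick check to additional records, plus an attacker loop that triggers lookups of fresh random names and floods forged replies carrying poisoned glue for the zone's nameserver.

```python
"""Toy model of the Kaminsky cache-poisoning race.

Added example, not from the slides: an in-memory resolver with no sockets.
Names (example.com, ns.example.com), addresses (6.6.6.6) and the fixed
port 53000 are constructed placeholders. With a fixed source port the
attacker only has to sweep the 16-bit query ID; because every race uses a
fresh random name the attacker never has to wait for a cached answer to
expire, and in-bailiwick glue for ns.example.com is accepted, so winning a
single race poisons the nameserver record of the whole zone.
"""
import random


class ToyResolver:
    """Caches answers; a reply is accepted only if query ID, port and question match."""

    def __init__(self, random_port: bool, seed: int = 1):
        self.rng = random.Random(seed)
        self.random_port = random_port
        self.cache = {}        # owner name -> rdata
        self.pending = set()   # (txid, port, qname) of outstanding queries

    def send_query(self, qname: str):
        txid = self.rng.randrange(0, 1 << 16)
        port = self.rng.randrange(1024, 1 << 16) if self.random_port else 53000
        self.pending.add((txid, port, qname))
        return txid, port

    def accept_reply(self, txid, port, qname, answer, additional) -> bool:
        """Return True if the reply matched an outstanding query and was cached."""
        key = (txid, port, qname)
        if key not in self.pending:
            return False       # wrong ID or port: silently dropped
        self.pending.discard(key)
        self.cache[qname] = answer
        zone = qname.split(".", 1)[1]
        for name, rdata in additional:
            # Bailiwick check: only cache additional records inside the queried zone.
            if name == zone or name.endswith("." + zone):
                self.cache[name] = rdata
        return True


def kaminsky_race(resolver: ToyResolver, budget: int, max_races: int, seed: int = 7):
    """Attacker: trigger a lookup of a random name under example.com, then flood
    forged replies whose additional section points ns.example.com at 6.6.6.6.
    Returns the race number in which the poison landed, or None."""
    rng = random.Random(seed)
    for race in range(1, max_races + 1):
        qname = f"rand{rng.randrange(1 << 32)}.example.com"
        resolver.send_query(qname)           # attacker never sees txid/port
        for guess in range(budget):
            if resolver.random_port:
                txid, port = rng.randrange(1 << 16), rng.randrange(1024, 1 << 16)
            else:
                txid, port = guess, 53000     # sweep the whole 16-bit ID space
            if resolver.accept_reply(txid, port, qname, answer="10.0.0.1",
                                     additional=[("ns.example.com", "6.6.6.6")]):
                return race
        resolver.pending.clear()              # genuine answer wins this race
    return None


if __name__ == "__main__":
    r = ToyResolver(random_port=False)
    print("fixed port: poisoned in race", kaminsky_race(r, budget=1 << 16, max_races=10))
    print("cached NS glue:", r.cache.get("ns.example.com"))
    r = ToyResolver(random_port=True)
    print("random port: poisoned in race", kaminsky_race(r, budget=200, max_races=50))
```

With the fixed port the ID sweep lands in the first race; with a randomized port the same attacker budget fails, which is why source port randomization was the emergency mitigation in 2008 and DNSSEC, the subject of the rest of this chapter, the long-term fix. The bailiwick check alone does not stop this variant, because ns.example.com lies inside the zone of the random query name.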

  9. Information Security 1 (InfSi1) 5.2 DNS Root Servers

  10. DNS Root Servers (# = number of server instances)

  Root  IPv4             IPv6                   Operator                                  #
  A     198.41.0.4       2001:503:BA3E::2:30    VeriSign Inc.                             8
  B     192.228.79.201   2001:478:65::53        Information Sciences Institute, USC       1
  C     192.33.4.12      -                      Cogent Communications                     8
  D     199.7.91.13      2001:500:2D::D         University of Maryland                    2
  E     192.203.230.10   -                      NASA Ames Research Center                12
  F     192.5.5.241      2001:500:2F::F         Internet Systems Consortium Inc.         56
  G     192.112.36.4     -                      US DoD Network Information Center         6
  H     128.63.3.53      2001:500:1::803F:235   US Army Research Lab                      2
  I     192.36.148.17    2001:7FE::53           Netnod                                   43
  J     192.58.128.30    2001:503:C27::2:30     VeriSign Inc.                            69
  K     193.0.14.129     2001:7FD::1            RIPE NCC                                 17
  L     199.7.83.42      2001:500:3::42         ICANN                                   146
  M     202.12.27.33     2001:DC3::35           WIDE Project                              6
  Total number of servers: 376

  11. Global Map of Root Servers

  12. Information Security 1 (InfSi1) 5.3 DNS Security Resource Records

  13. DNSSEC Chain of Trust (root -> ch. -> switch.ch.)
  • root DNSKEY (KSK): trust anchor, explicitly imported (e.g. via a trusted web site); the root DNSKEY RRset is signed with KSK/ZSK
  • root DNSKEY (ZSK): signs the ch. DS record
  • ch. DS: hash of the ch. DNSKEY (KSK)
  • ch. DNSKEY (KSK): the ch. DNSKEY RRset is signed with KSK/ZSK
  • ch. DNSKEY (ZSK): signs the switch.ch. DS record
  • switch.ch. DS: hash of the switch.ch. DNSKEY (KSK)
  • switch.ch. DNSKEY (KSK): the switch.ch. DNSKEY RRset is signed with KSK/ZSK
  • switch.ch. DNSKEY (ZSK): signs switch.ch. NS (ns1/ns2) and www.switch.ch. A x.x.x.x

  14. DNSSEC Resource Records I - DNSKEY
  • DNSKEY - DNS Public Key
  • Contains a public key used to sign the RRsets of a zone

  switch.ch. 81154 IN DNSKEY 256 3 5 AwEAAeCDWwjJO4mXBzayiKf4p7waJ7Ew
      eUnsTsAWkxpfELci4iaVdBugzYPfsZIg 9R6TIPky3LoPAPmIjCc2fbFkKnrGI7hJ
      jXAGMRwRJIBprFx4BXZSsjsvGb6MGC+exHSlXw== ;{id = 64608 (zsk), size = 768b}

  • Flags field
    • 256 -> Zone Signing Key (ZSK)
    • 257 -> Key Signing Key (KSK) with Secure Entry Point (SEP) flag set
  • Protocol field: always 3
  • Algorithm field
    • 5 -> SHA-1 with RSA
    • 7 -> SHA-1 with RSA & NSEC3 with SHA-1
    • 8 -> SHA-256 with RSA
    • 10 -> SHA-512 with RSA

  15. DNSSEC Resource Records II - RRSIG
  • RRSIG - Resource Record Signature
  • Contains a public key signature over a resource record set (RRset)

  merapi.switch.ch. 172800 IN A 130.59.211.10
  merapi.switch.ch. 172800 IN RRSIG A 5 3 172800 20091128231033 20091029231033 64608 switch.ch.
      3KW9YjxdL08FqVYKFSn9 Q4+8U1iYrVCun+J1Ny8Y IiMC+6oQS/GZwRn2mr+H
      MruwEjNB9s7bWGzRmRiR TATPvS67gxjCiJkSP58P kGJ1dW3wBaz6r1feGNvz
      KhHLhvRe ;{id = 64608}

  • Fields: type covered (A), algorithm (5), number of labels (3), original TTL (172800), signature expiration, signature inception, key tag (64608), signer's name (switch.ch.), signature
  • Signature Expiration and Inception fields (YYYYMMDDHHmmSS, UTC)
    • The signature is not valid before the Inception date and not after the Expiration date.
  • Key Tag field
    • Contains the key tag of the DNSKEY which signed the RRset (here the ZSK 64608 of the previous slide).

  16. DNSSEC Resource Records III - DS
  • DS - Delegation Signer
  • Hash computed over the KSK of the child zone, published in the parent zone (here ch.) and signed with the parent's ZSK

  switch.ch. 3364 IN DS 43837 5 1 91dcfca519cf8b038441869878cc3610 60200534
  switch.ch. 3364 IN DS 43837 5 2 838cef7635952df83311a92b48ae7f19 1ae29484534e38b1ab7b3d0966b9ee55
  switch.ch. 3416 IN RRSIG DS 7 2 3600 20091123183442 20091117220724 31034 ch.
      LPh8RgXQSqPcdQz6s1PJOjTuopO9RxQg s1YYCY/CnhYaHxb6ndNBJ7QP20eKN+91
      /ULjN4Ep/k9Pgtos979i5OfEXpfLcWcv rKP1xGvqW4PjP+MT1PDs6uKisEUqGBoQ
      p7+nkkzjY+YsDbxtTV+/8uHcSnNmXoMm SqPms3G0aw4= ;{id = 31034}

  • Fields: key tag of the child KSK (43837), algorithm (5), digest type (1 = SHA-1, 2 = SHA-256), digest
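The three links shown on slides 14 to 16 (DNSKEY key tag, DS digest over the child KSK, RRSIG validity window and key tag), as an added example that is not from the lecture. It uses only the Python standard library, the DNSKEY bytes in the demo are constructed placeholders rather than switch.ch.'s real key, and it deliberately stops short of verifying the RSA signature itself.

```python
"""Chain-of-trust checks on DNSSEC records.

Added example, not from the slides: RFC 4034 Appendix B key tag, DS digest
(RFC 4034 section 5.1.4, SHA-256 per RFC 4509) and the RRSIG validity
window. The DNSKEY material below is a constructed placeholder.
"""
import base64
import hashlib
import struct
from datetime import datetime, timezone


def name_to_wire(name: str) -> bytes:
    """Canonical wire form of an owner name: lower-case, length-prefixed labels."""
    labels = [lab for lab in name.lower().rstrip(".").split(".") if lab]
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"


def dnskey_rdata(flags: int, protocol: int, algorithm: int, pubkey: bytes) -> bytes:
    """DNSKEY RDATA: 16-bit flags, protocol (always 3), algorithm, public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + pubkey


def key_tag(rdata: bytes) -> int:
    """RFC 4034 Appendix B: 16-bit checksum over the DNSKEY RDATA (the 'id' shown on the slides)."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += b << 8 if i % 2 == 0 else b
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


DS_DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256}


def ds_digest(owner: str, rdata: bytes, digest_type: int) -> str:
    """DS digest = H(canonical owner name || DNSKEY RDATA), hex encoded."""
    return DS_DIGESTS[digest_type](name_to_wire(owner) + rdata).hexdigest()


def ds_matches_dnskey(ds: tuple, owner: str, rdata: bytes) -> bool:
    """ds = (key tag, algorithm, digest type, digest hex) as in a DS record.
    True if the parent's DS authenticates this child DNSKEY."""
    tag, alg, dtype, digest = ds
    return (tag == key_tag(rdata)
            and alg == rdata[3]
            and digest.lower() == ds_digest(owner, rdata, dtype))


def parse_rrsig_time(text: str) -> datetime:
    """RRSIG presentation format YYYYMMDDHHmmSS, always UTC."""
    return datetime.strptime(text, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)


def rrsig_valid_at(expiration: str, inception: str, now: datetime) -> bool:
    """A validator must reject the signature outside [inception, expiration]."""
    return parse_rrsig_time(inception) <= now <= parse_rrsig_time(expiration)


if __name__ == "__main__":
    # Constructed KSK: flags 257 (KSK + SEP), protocol 3, algorithm 5 (RSA/SHA-1).
    ksk = dnskey_rdata(257, 3, 5, base64.b64decode("AwEAAQ=="))
    ds = (key_tag(ksk), 5, 2, ds_digest("switch.ch.", ksk, 2))
    print("key tag:", ds[0], "DS matches:", ds_matches_dnskey(ds, "switch.ch.", ksk))
    print("RRSIG valid on 2009-11-15:",
          rrsig_valid_at("20091128231033", "20091029231033",
                         datetime(2009, 11, 15, tzinfo=timezone.utc)))
```

The key tag is only a lookup hint (two keys may share one), so a validator still tries every DNSKEY with that tag; the DS comparison is what actually binds the child zone into the chain.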

  17. DNSSEC Resource Records IV - NSEC
  • NSEC - Next Owner Name
  • Authenticated denial of existence of an owner name

  merapi.switch.ch. 180 IN NSEC mercury.switch.ch. A PTR AAAA LOC RRSIG NSEC
  merapi.switch.ch. 180 IN RRSIG NSEC 5 3 180 20091128231033 20091029231033 64608 switch.ch.
      kW1SnXWoJKwOHEG1P3INI83EOGuQGujwvBT/MSWVQ+ms/2DXxjQcpt1Z P07+XI51cc0t7erUUG31KZdmUpXZ
      tQzPUJh49jjLh9aTjRiH1xGhlxv5 af+N95JDykRGSOAq ;{id = 64608}

  • Proof that there is no owner name between merapi.switch.ch. and mercury.switch.ch. in canonical order, and that merapi.switch.ch. has exactly the listed RR types
  • Following the next-owner pointers allows enumeration of the complete zone data!!!

  18. DNSSEC Resource Records V - NSEC3
  • NSEC3 - Next Owner Name in Hashed Order
  • Hashed Authenticated Denial of Existence

  h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 691 IN NSEC3 1 1 1 d399eaab h9rsfb7fpf2l8hg35cmpc765tdk23rp6 NS SOA RRSIG DNSKEY NSEC3PARAM ; flags: optout
  h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 691 IN RRSIG NSEC3 7 2 86400 20091202211702 20091118201702 5273 org.
      a+CC37hRM7yCFBaZn2SeRgY9h247GXptCuBYf45TwaoRxvBwTAXPT+UwZ/4hxwc2v7AR7ZZ8UOMiNJvYsl59eFW8
      Xtgws4/Aih0fJ2/O8yUHwI695fRf9PrpxXEpqzStjSZP 5arJ1oldDAHcnxgLqdAMW6wnK1FNrslfJblJlmU= ;{id = 5273}

  • Fields: hash algorithm (1 = SHA-1), flags (1 = opt-out), iterations (1), salt (d399eaab), next hashed owner name, type bitmap
  • Proof that no owner name hashes to a value between h9p7u7tr2u91d0v0ljs9l1gidnp90u3h (this owner, the hash of org.) and h9rsfb7fpf2l8hg35cmpc765tdk23rp6; which ???.org name the next hash belongs to is not revealed
  • Does not allow straight enumeration of zone data!
  • Dictionary attacks are possible but expensive: the salt and iteration count are public, so an attacker can hash candidate names offline and compare them against the collected chain.
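The contrast drawn on slides 17 and 18, as an added example that is not from the lecture: walking an NSEC chain recovers every owner name, while an NSEC3 chain only yields names that an attacker can guess and re-hash. Both zones are tiny in-memory constructions; example.ch. and its hosts, the salt and the iteration counts are placeholders, and the NSEC3 hash is implemented from RFC 5155 section 5 (SHA-1, salt appended, base32hex output).

```python
"""NSEC zone walking versus an NSEC3 dictionary attack.

Added example, not from the slides: both zones are tiny in-memory
constructions and the names, salt and iteration counts are placeholders.
NSEC3 hash per RFC 5155 section 5: IH(0) = H(owner || salt),
IH(k) = H(IH(k-1) || salt), H = SHA-1, result encoded in base32hex.
"""
import base64
import hashlib

# Python's base64 module only ships the standard base32 alphabet; NSEC3 uses base32hex.
_B32_TO_B32HEX = str.maketrans("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                               "0123456789ABCDEFGHIJKLMNOPQRSTUV")


def name_to_wire(name: str) -> bytes:
    """Canonical wire form of an owner name: lower-case, length-prefixed labels."""
    labels = [lab for lab in name.lower().rstrip(".").split(".") if lab]
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"


def canonical_key(name: str) -> tuple:
    """DNS canonical ordering: compare labels right to left, case-insensitively."""
    return tuple(reversed(name.lower().rstrip(".").split(".")))


# ---- NSEC: the chain itself leaks every owner name --------------------------

def build_nsec_chain(zone: str, names: list) -> dict:
    """owner -> next owner name in canonical order, wrapping back to the apex."""
    ordered = sorted({zone, *names}, key=canonical_key)
    return {owner: ordered[(i + 1) % len(ordered)] for i, owner in enumerate(ordered)}


def walk_nsec(zone: str, chain: dict) -> list:
    """Enumerate a zone by following NSEC next-owner pointers from the apex."""
    found, cur = [], chain[zone]
    while cur != zone:
        found.append(cur)
        cur = chain[cur]
    return found


# ---- NSEC3: owners are hashed, so the attacker has to guess names -----------

def nsec3_hash(name: str, salt: bytes, iterations: int) -> str:
    digest = hashlib.sha1(name_to_wire(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base64.b32encode(digest).decode("ascii").translate(_B32_TO_B32HEX).lower()


def nsec3_dictionary_attack(zone: str, hashed_owners: set, salt: bytes,
                            iterations: int, wordlist: list) -> dict:
    """Hash candidate labels with the zone's published salt/iterations and look
    them up in the set of hashed owner names collected from the NSEC3 chain."""
    recovered = {}
    for word in wordlist:
        candidate = f"{word}.{zone}"
        h = nsec3_hash(candidate, salt, iterations)
        if h in hashed_owners:
            recovered[h] = candidate
    return recovered


if __name__ == "__main__":
    zone = "example.ch."
    names = ["www.example.ch.", "mail.example.ch.", "secret-host.example.ch."]
    print("NSEC walk:", walk_nsec(zone, build_nsec_chain(zone, names)))
    salt, iters = b"\xaa", 5
    owners = {nsec3_hash(n, salt, iters) for n in names}
    print("NSEC3 dictionary:",
          nsec3_dictionary_attack(zone, owners, salt, iters, ["www", "ftp", "mail", "vpn"]))
    # Parameters of the org. record on the slide (salt d399eaab, 1 iteration),
    # for comparison with the owner name shown there.
    print("H(org.) =", nsec3_hash("org.", bytes.fromhex("d399eaab"), 1))
```

The walk recovers all three hosts, the dictionary attack only the two guessable ones; the cost of the attack scales with the wordlist times the iteration count, which is the "expensive" in the slide's last bullet.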

  19. Information Security 1 (InfSi1) 5.4 DANE

  20. DNS-based Authentication of Named Entities - DANE (RFC 6698, August 2012)
  • DANE defines a TLSA Resource Record with four fields: Certificate Usage, Selector, Matching Type, Certificate Association Data
  • Certificate Usage
    • 0 - CA Certificate Constraint
    • 1 - Server Certificate Constraint
    • 2 - Trust Anchor Assertion for Private CA
    • 3 - Domain Issued Certificate
  • Selector
    • 0 - Full Certificate
    • 1 - Public Key Info (Public Key plus Key Type Information)
  • Matching Type
    • 0 - Exact Match on Selected Content
    • 1 - SHA-256 Hash of Selected Content
    • 2 - SHA-512 Hash of Selected Content

  21. DANE - Verifying Server and CA Certificates
  Setting: TLS server www.hsr.ch with a certificate issued by Kool CA; the DNS server for hsr.ch publishes TLSA records signed with the zone's ZSK.
  • www.hsr.ch. TLSA 1 0 1 <SHA-256 hash>: the TLS client checks the server certificate (www.hsr.ch) against the hash
  • or www.hsr.ch. TLSA 0 0 2 <SHA-512 hash>: the TLS client checks the CA certificate (Kool CA) in the chain against the hash

  22. DANE - Getting CA Certificate or Public Key
  Setting: TLS server www.hsr.ch with a certificate issued by the private HSR CA.
  • www.hsr.ch. TLSA 2 0 0 <certificate>: the TLS client gets the HSR CA certificate from DNS and uses it as trust anchor
  • or www.hsr.ch. TLSA 2 1 0 <public key>: the TLS client gets the HSR CA public key from DNS

  23. DANE - Verifying Self-Signed Server Certificates
  • www.hsr.ch. TLSA 3 0 1 <SHA-256 hash>: the TLS client checks the self-signed server certificate (www.hsr.ch) against the hash; no CA is involved

  24. DANE - Verifying Raw RSA Keys
  • www.hsr.ch. TLSA 3 1 1 <SHA-256 hash>: the TLS client checks the server public key against the hash

  25. DANE - Getting Server Certificate or Public Key
  • www.hsr.ch. TLSA 3 0 0 <certificate>: the TLS client gets the self-signed server certificate from DNS
  • or www.hsr.ch. TLSA 3 1 0 <public key>: the TLS client gets the server public key from DNS
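The TLSA records of slides 20 to 25 built and checked in code, as an added example that is not from the lecture. The "DER" byte strings in the demo are constructed placeholders for the certificate and SubjectPublicKeyInfo a client would take from the TLS handshake, and the ordinary PKIX chain validation that usages 0 and 1 additionally require is modelled by a boolean argument.

```python
"""Building and checking DANE TLSA records (RFC 6698).

Added example, not from the slides. The byte strings below stand in for
DER encodings; a real client extracts certificate and SubjectPublicKeyInfo
from the handshake. PKIX validation is modelled by the pkix_valid flag.
"""
import hashlib

# Matching type -> transform applied to the selected content.
MATCHING = {
    0: lambda data: data,                          # exact match
    1: lambda data: hashlib.sha256(data).digest(),
    2: lambda data: hashlib.sha512(data).digest(),
}


def association_data(cert_der: bytes, spki_der: bytes, selector: int, mtype: int) -> bytes:
    """Field 4 of a TLSA record: full certificate (selector 0) or public key
    info (selector 1), passed through the matching-type transform."""
    selected = {0: cert_der, 1: spki_der}[selector]
    return MATCHING[mtype](selected)


def tlsa_record(usage: int, selector: int, mtype: int, cert_der: bytes, spki_der: bytes) -> str:
    """Presentation format: 'usage selector matching-type hex(association data)'."""
    data = association_data(cert_der, spki_der, selector, mtype)
    return f"{usage} {selector} {mtype} {data.hex()}"


def parse_tlsa(record: str):
    usage, selector, mtype, data = record.split()
    return int(usage), int(selector), int(mtype), bytes.fromhex(data)


def tlsa_matches(record: str, chain: list, pkix_valid: bool) -> bool:
    """Check a presented chain [(cert_der, spki_der), ...], end entity first,
    against one TLSA record.
    Usages 1 and 3 constrain the end-entity certificate; usages 0 and 2
    constrain a CA certificate above it in the chain. Usages 0 and 1 are only
    accepted if ordinary PKIX validation passed as well; usages 2 and 3 do
    not depend on the client's CA store at all."""
    usage, selector, mtype, data = parse_tlsa(record)
    if usage in (0, 1) and not pkix_valid:
        return False
    candidates = chain[:1] if usage in (1, 3) else chain[1:]
    return any(association_data(c, k, selector, mtype) == data for c, k in candidates)


def tlsa_rrset_matches(records: list, chain: list, pkix_valid: bool) -> bool:
    """The connection is accepted if any TLSA record of the RRset matches."""
    return any(tlsa_matches(r, chain, pkix_valid) for r in records)


if __name__ == "__main__":
    # Constructed placeholders standing in for DER encodings.
    cert = b"constructed DER of www.hsr.ch certificate"
    spki = b"constructed DER of www.hsr.ch SubjectPublicKeyInfo"
    ca = (b"constructed DER of Kool CA certificate", b"constructed Kool CA SPKI")
    print("www.hsr.ch. TLSA", tlsa_record(3, 1, 1, cert, spki))
    print("raw key (3 1 1) accepted without CA:",
          tlsa_matches(tlsa_record(3, 1, 1, cert, spki), [(cert, spki)], pkix_valid=False))
    print("CA constraint (0 0 2) with valid chain:",
          tlsa_matches(tlsa_record(0, 0, 2, *ca), [(cert, spki), ca], pkix_valid=True))
```

Two caveats a practitioner should keep in mind: the TLSA lookup itself must be DNSSEC-validated (an unsigned answer gives the attacker the record), and for usage 2 the trust anchor published as "2 0 0" may be absent from the presented chain, so a real client must also be able to use the DNS-supplied certificate directly as the anchor, which this toy does not model.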

  26. Information Security 1 (InfSi1) 5.5 DNS Root Signing Process

  27. DNSSEC Root Zone Signing Process
  • TLD Operator: submits DS records
  • ICANN: vetting and processing of the DS records
  • DoC NTIA: authorization of the changes
  • VeriSign: editing and signing of the root zone with the root ZSK
  • Root Servers (A, ..., M): publish the signed root zone

  28. DNSSEC Root Zone Key Signing Process
  • VeriSign, ZSK Management: holds the ZSK private key and sends a Key Signing Request (KSR) with the ZSKs to ICANN
  • ICANN, KSK Management: holds the KSK private key and returns a Signed Key Response (SKR) with the KSK/ZSK DNSKEY RRset signed by the KSK; the KSK is published on the ICANN web site

  29. ICANN Key Ceremonies
  • Tier 1 - Facility - Access Control by Data Center
  • Tier 2 - Facility - Access Control by Data Center
  • Tier 3 - Facility - Access Control by Data Center
  • Tier 4 - Cage - Access Control by Data Center
  • Tier 5 - Safe Room - Access Control by ICANN
  • Tier 6 - Safe #1, containing Tier 7 - HSM (KSK private keys) and the Key Ceremony Computer
  • Tier 6 - Safe #2, containing Tier 7 - Safe Deposit Boxes (Crypto Officers' credentials)

  30. ICANN Key Ceremonies

  31. Periodic Key Rollover (timeline T-10 ... T+90 days)
  • ZSK rollover every 90 days: the new ZSK is pre-published in the DNSKEY RRset before it starts signing, and the old ZSK remains post-published after it stops signing, so that cached RRSIGs stay verifiable
  • Optional KSK rollover every 2-5 years or on demand: new KSK publish, then publish+sign; old KSK revoke+sign, then removed
  • RRSIG Validity Period: 10 days + 50% overlap

  32. DNSSEC Deployment (October 22, 2013)
  • TLDs signed by root zone:
    • 13 gTLDs: arpa asia biz cat com edu gov info mil museum net org post
    • 81 ccTLDs: ac af ag am at be bg br bz ca cc ch cl co cr cx cz de dk eu fi fo fr gi gl gn gr gs hn in io is jp kg ki kr la lb lc li lk lt lu lv me mm mn my na nc nf nl nu nz pl pm pr pt pw re ru sb sc se sh si su sx tf th tm tt tv tw tz ua ug uk us wf yt
    • 8 IDN ccTLDs: xn--kprw13d xn--kpry57d (台湾 Taiwan), xn--mgbx4cd0ab (مليسيا Malaysia), xn--3e0b707e (한국 South Korea), xn--o3cw4h (ไทย Thailand), xn--l1acc (мон Mongolia), xn--h2brj9c (भारत India), xn--p1ai (рф Russia)
  • Signing of major gTLDs:
    • net: December 2010
    • com: March 2011
