fighting the poison dnssec to the rescue
play

Fighting the poison: DNSSEC to the rescue Stphane Bortzmeyer AFNIC - PowerPoint PPT Presentation

Mar 25, 2024 •423 likes •1.02k views

Fighting the poison: DNSSEC to the rescue Stphane Bortzmeyer AFNIC bortzmeyer@nic.fr 1 / 23 Fighting the poison: DNSSEC to the rescue Stphane Bortzmeyer AFNIC bortzmeyer@nic.fr 2 / 23 Small reminder about the DNS Data retrieval on

  1. Fighting the poison: DNSSEC to the rescue Stéphane Bortzmeyer AFNIC bortzmeyer@nic.fr 1 / 23

  2. Fighting the poison: DNSSEC to the rescue Stéphane Bortzmeyer AFNIC bortzmeyer@nic.fr 2 / 23

  3. Small reminder about the DNS Data retrieval on the Internet, via a key, the domain name . Provides: 3 / 23

  4. Small reminder about the DNS Data retrieval on the Internet, via a key, the domain name . Provides: Stability 3 / 23

  5. Small reminder about the DNS Data retrieval on the Internet, via a key, the domain name . Provides: Stability Memorisability 3 / 23

  6. Small reminder about the DNS Data retrieval on the Internet, via a key, the domain name . Provides: Stability Memorisability Security? 3 / 23

  7. Small reminder about the DNS Data retrieval on the Internet, via a key, the domain name . Provides: Stability Memorisability Security? Most common data type retrieved: IP addresses 3 / 23

  8. Small reminder about the DNS Data retrieval on the Internet, via a key, the domain name . Provides: Stability Memorisability Security? Most common data type retrieved: IP addresses DNS is a vital part of the Internet infrastructure 3 / 23

  9. Tree structure A network database, organized as a tree. Dot root fr org com top-level domains zone debian.org. lower-level chicoree debian domain names alioth www mail www hosts debichem lilo Host www.debian.org. Host www.chicoree.fr. 4 / 23

  10. Name servers Authoritative servers (masters and slaves) have a pristine copy of the data 5 / 23

  11. Name servers Authoritative servers (masters and slaves) have a pristine copy of the data Resolvers (or recursors or caches or recursive servers) query the authoritative servers 5 / 23

  12. Name servers Authoritative servers (masters and slaves) have a pristine copy of the data Resolvers (or recursors or caches or recursive servers) query the authoritative servers There is also a stub resolver (often without a cache) in libraries/applications 5 / 23

  13. Resolution Recursive DNS server Another authoritative name server User is here 6 / 23

  14. Threats Unauthorized Tra ffi c change in the corruption zone fi le DoS Master Cracking Zone fi le or database Stub resolvers Dynamic updates Recursive server Unauthorized (resolver) updates Slaves Tra ffi c corruption Cache poisoning Spoo fi ng the master (Kaminsky) Zone transfer corruption 7 / 23

  15. The biggest threat 8 / 23

  16. Poisoning attack 9 / 23

  17. Poisoning attack Communication between authoritative servers and resolvers is typically with UDP − → no protection against IP spoofing 9 / 23

  18. Poisoning attack Communication between authoritative servers and resolvers is typically with UDP − → no protection against IP spoofing The attacker replies before the legitimate server − → done! 9 / 23

  19. Poisoning attack Communication between authoritative servers and resolvers is typically with UDP − → no protection against IP spoofing The attacker replies before the legitimate server − → done! There are some checks by the resolver: query ID (a small cookie), query name. . . 9 / 23

  20. Poisoning attack Communication between authoritative servers and resolvers is typically with UDP − → no protection against IP spoofing The attacker replies before the legitimate server − → done! There are some checks by the resolver: query ID (a small cookie), query name. . . Since the data have a Time-To-Live (TTL), if the attacker loses the race, he has to wait 9 / 23

  21. Poisoning attack Communication between authoritative servers and resolvers is typically with UDP − → no protection against IP spoofing The attacker replies before the legitimate server − → done! There are some checks by the resolver: query ID (a small cookie), query name. . . Since the data have a Time-To-Live (TTL), if the attacker loses the race, he has to wait In 2008, Kaminsky discovered a way to retry the attack immediately. This boosted DNSSEC deployment 9 / 23

  22. Cryptography 101 DNSSEC uses asymmetric crypto: a key has a private part and a public part. Algorithms: RSA, ECDSA. . . DNSSEC relies on hashing: we sign hashes, not directly the data. Algorithms: SHA 10 / 23

  23. DNSSEC requirments 1 Data protection ( � = channel protection) 11 / 23

  24. DNSSEC requirments 1 Data protection ( � = channel protection) 2 Check the authenticity of the data, whatever the relays and caches 11 / 23

  25. DNSSEC requirments 1 Data protection ( � = channel protection) 2 Check the authenticity of the data, whatever the relays and caches 3 Compatible with existing DNS (same resource record format) 11 / 23

  26. DNSSEC requirments 1 Data protection ( � = channel protection) 2 Check the authenticity of the data, whatever the relays and caches 3 Compatible with existing DNS (same resource record format) 4 Confidentiality is out of scope 11 / 23

  27. DNSSEC basics 1 Each zone has a key (with a public and a private part) 12 / 23

  28. DNSSEC basics 1 Each zone has a key (with a public and a private part) 2 Resource records are signed with the private part 12 / 23

  29. DNSSEC basics 1 Each zone has a key (with a public and a private part) 2 Resource records are signed with the private part 3 Authoritative name servers serve the signed data 12 / 23

  30. DNSSEC basics 1 Each zone has a key (with a public and a private part) 2 Resource records are signed with the private part 3 Authoritative name servers serve the signed data 4 Validating resolvers check the signature with the public part 12 / 23

  31. Keys ; v Crypto algorithm ; v absolight.fr. 7069 IN DNSKEY 257 3 8 ( AwEAAateikCxMCJjIPEQ+hKu9xF0RkUtssOkynR7SoUy ... VtzH7JEEz2Q3lqNTWj430m/Bzi8IDCbbfkOlIhk= ) ; key id = 62795 8 − → RSA + SHA-256 Key ID (or key tag): a short identifier for the key 13 / 23

  32. Signatures ; An ordinary resource record, here of type AAAA (an IP address) absolight.fr. 75018 IN AAAA 2a01:678:2:100::80 ; The signature ; v Crypto algorithm ; v absolight.fr. 75018 IN RRSIG AAAA 8 2 86400 20140709092716 ( 20140703041612 55713 absolight.fr. TKwtxqlKiRY5mOcIkJCmrDQRnlxJB5jAja9qScEgQX0j ... Signed with key 55713 (not the one seen above) Valid from 3 july to 9 july 14 / 23

  33. Chain of trust How can we be sure we have the right public key? ; v Points towards this key ; v absolight.fr. 161337 IN DS 62795 8 2 ( 5C770C1889D8E27DC2606D8A6F5A9B7CF0F943B1F2B7 A66BCBB8F1EEA62582F2 ) DS = Delegation Signer A pointer from the parent zone to the public key of the child zone Of course, it is signed 15 / 23

  34. Two keys? You’ll often see two keys, one signing the key set, one signing the data 16 / 23

  35. Two keys? You’ll often see two keys, one signing the key set, one signing the data This is not mandatory: co.uk has only one key 16 / 23

  36. Two keys? You’ll often see two keys, one signing the key set, one signing the data This is not mandatory: co.uk has only one key They are called KSK (Key Signing Key) and ZSK (Zone Signing Key) 16 / 23

  37. Two keys? You’ll often see two keys, one signing the key set, one signing the data This is not mandatory: co.uk has only one key They are called KSK (Key Signing Key) and ZSK (Zone Signing Key) The idea is to have different characteristics: for instance a short, fast and often changed ZSK and a stable and long KSK 16 / 23

  38. Two keys? You’ll often see two keys, one signing the key set, one signing the data This is not mandatory: co.uk has only one key They are called KSK (Key Signing Key) and ZSK (Zone Signing Key) The idea is to have different characteristics: for instance a short, fast and often changed ZSK and a stable and long KSK In the example above, 62795 was the KSK and 55713 the ZSK 16 / 23

  39. DNSviz 17 / 23

  40. One last detail DNSSEC signs records. When there is no record (non-existing domain name, for instance), what do we sign? 18 / 23

  41. One last detail DNSSEC signs records. When there is no record (non-existing domain name, for instance), what do we sign? We use NSEC or NSEC3 records: they claim “there is nothing here” and are signed for checking 18 / 23

  42. One last detail DNSSEC signs records. When there is no record (non-existing domain name, for instance), what do we sign? We use NSEC or NSEC3 records: they claim “there is nothing here” and are signed for checking NSEC are chained by domain names (“there is nothing between bar.example.org and foo.example.org ”) 18 / 23

  43. One last detail DNSSEC signs records. When there is no record (non-existing domain name, for instance), what do we sign? We use NSEC or NSEC3 records: they claim “there is nothing here” and are signed for checking NSEC are chained by domain names (“there is nothing between bar.example.org and foo.example.org ”) NSEC3 are chained by hashes of domain names, for more privacy (“there is no domain whose hash is between UI6PC9AJFB1E6GE0GRUL67QNCKIG9BCK and L6M3OP8QM1VR3T47JNM6DBL6S4QM2BL8”) 18 / 23

  44. How do I do that with free software? A lot of free programs are available: OpenDNSSEC manages the keys life cycle and signs For authoritative servers, NSD, Knot, PowerDNS and BIND can serve signed zones PowerDNS and BIND can do serving + automatic signatures For validating resolvers, Unbound and BIND can check signatures To check, Zonecheck, DNScheck, validns. . . 19 / 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Aircraft Rescue Federal Aviation Administration and Fire Fighting Federal Aviation

Aircraft Rescue Federal Aviation Administration and Fire Fighting Federal Aviation

Aircraft Rescue Federal Aviation Administration and Fire Fighting Federal Aviation Administration Presented to: 2015 ARFF Chiefs & Leadership School By: Marc Tonnacliff Date: January 2015 Aircraft Rescue and Fire Fighting (ARFF)

578 views • 24 slides
Fighting Fentanyl: the latest battle in the War on Drugs Mark Yarema, MD FRCPC Poison and Drug

Fighting Fentanyl: the latest battle in the War on Drugs Mark Yarema, MD FRCPC Poison and Drug

Fighting Fentanyl: the latest battle in the War on Drugs Mark Yarema, MD FRCPC Poison and Drug Information Service Alberta Health Services Alberta Adolescent Recovery Centre Workshop January 26, 2016 Disclosure I have no conflicts of

1.18k views • 35 slides
Poison Ivy for Incident Responders Andreas Schuster Poison Ivy in the Press What is Poison

Poison Ivy for Incident Responders Andreas Schuster Poison Ivy in the Press What is Poison

Poison Ivy for Incident Responders Andreas Schuster Poison Ivy in the Press What is Poison Ivy? Poison Ivy is a Powerful RAT Target platform: Microsoft Windows, 32bit System information and manipulation Keyword search Password

778 views • 55 slides
Fighting Identity Theft Big Data Analytics to the Rescue Seshika Fernando WSO2 Me - Seshika

Fighting Identity Theft Big Data Analytics to the Rescue Seshika Fernando WSO2 Me - Seshika

Fighting Identity Theft Big Data Analytics to the Rescue Seshika Fernando WSO2 Me - Seshika Computer Science & Finance Streaming Analytics 100% Open Source Middleware Company Apache Way http://wso2.com/

441 views • 25 slides
(FWE-RRK 3:1/FWE-RRK 5:1) R-ALF RESCUE KIT 3:1 / 5:1 Australia The Ferno R-ALF Rescue Kit is a

(FWE-RRK 3:1/FWE-RRK 5:1) R-ALF RESCUE KIT 3:1 / 5:1 Australia The Ferno R-ALF Rescue Kit is a

Doc ID: 00332-V1_R-ALF-RESCUE-KIT_Instructions USER INSTRUCTIONS (FWE-RRK 3:1/FWE-RRK 5:1) R-ALF RESCUE KIT 3:1 / 5:1 Australia The Ferno R-ALF Rescue Kit is a 3:1 or 5:1 ratio mechanical advantage lift system for work positioning, rescue or

195 views • 4 slides
.SE-DNSSEC Commercial launch of .SE-DNSSEC Feb 16, 2007 Signing Soft launch of service the

.SE-DNSSEC Commercial launch of .SE-DNSSEC Feb 16, 2007 Signing Soft launch of service the

. SE-DNSSEC . SEs DNSSEC service Staffan.Hagnell@iis.se .SE-DNSSEC Commercial launch of .SE-DNSSEC Feb 16, 2007 Signing Soft launch of service the .SE zone Sep 2005 2006 Start of project 2001 .SEs challenge To make DNSSEC

584 views • 24 slides
DNSSEC in .at (and beyond) Panel discussion DNSSEC activities in Europe DNSSEC workshop

DNSSEC in .at (and beyond) Panel discussion DNSSEC activities in Europe DNSSEC workshop

ICANN 50 DNSSEC in .at (and beyond) Panel discussion DNSSEC activities in Europe DNSSEC workshop Jun 25 2014 Alexander Mayrhofer London, UK alexander.mayrhofer@nic.at ICANN 50 DNSSEC Services n ccTLD: .at l DNSSEC in production

109 views • 10 slides
DNSSEC activities @ nic.at Panel discussion DNSSEC activities in Europe DNSSEC workshop

DNSSEC activities @ nic.at Panel discussion DNSSEC activities in Europe DNSSEC workshop

ICANN44 DNSSEC activities @ nic.at Panel discussion DNSSEC activities in Europe DNSSEC workshop Jun 27 2012 Alexander Mayrhofer Prague, CZ alexander.mayrhofer@nic.at ICANN44 .at DNSSEC Timeline Testbed DS in root Feb 2011 Feb 09

404 views • 8 slides
Deploying New DNSSEC Algorithms ICANN 53 DNSSEC Workshop June 24, 2015 Buenos Aires, Argentina

Deploying New DNSSEC Algorithms ICANN 53 DNSSEC Workshop June 24, 2015 Buenos Aires, Argentina

Deploying New DNSSEC Algorithms ICANN 53 DNSSEC Workshop June 24, 2015 Buenos Aires, Argentina Dan York, Internet Society www.internetsociety.org/deploy360 DNSSEC Algorithms Used to generate keys for signing DNSKEY Used in DNSSEC

490 views • 18 slides
DNSSEC CS 161: Computer Security Prof. David Wagner April 11, 2016 DNSSEC Last lecture, you

DNSSEC CS 161: Computer Security Prof. David Wagner April 11, 2016 DNSSEC Last lecture, you

DNSSEC CS 161: Computer Security Prof. David Wagner April 11, 2016 DNSSEC Last lecture, you invented DNSSEC. Well, the basic ideas, anyway: Sign all DNS records. Signatures let you verify answer to DNS query, without having to trust the

835 views • 49 slides
DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative

DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative

DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative Russ.Mundy@cobham.com / mundy@sparta.com www.dnssec-deployment.org DNSSEC Trust Anchors Starting point for DNSSEC validation Choice of

375 views • 16 slides
POISON!!! POISON!!! In r Water In r Water 1 1

POISON!!! POISON!!! In r Water In r Water 1 1

POISON!!! POISON!!! In r Water In r Water 1 1 http://www.enn.com/news/enn-stories/2001/09/09142001/arsenichands.jpg Arsenic Removal from the Arsenic Removal from the University of Oklahoma University of Oklahoma Water Supply

724 views • 68 slides
Challenges To Deploying New DNSSEC Algorithms ICANN 55 DNSSEC Workshop March 8, 2016 Marrakech,

Challenges To Deploying New DNSSEC Algorithms ICANN 55 DNSSEC Workshop March 8, 2016 Marrakech,

Challenges To Deploying New DNSSEC Algorithms ICANN 55 DNSSEC Workshop March 8, 2016 Marrakech, Morocco Dan York, Internet Society www.internetsociety.org/deploy360 DNSSEC Algorithms Used to generate keys for signing DNSKEY Used

417 views • 15 slides
Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b.

Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b.

Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b. Forefathers of toxicology c. Famous poisoning cases d. Misconception about poisoning e. Basic principles of poisoning f. Factors influencing toxic

843 views • 16 slides
An Overview of DNSSEC Cesar Diaz cesar@ lacnic.net 1 DNSSEC??? The DNS Security

An Overview of DNSSEC Cesar Diaz cesar@ lacnic.net 1 DNSSEC??? The DNS Security

An Overview of DNSSEC Cesar Diaz cesar@ lacnic.net 1 DNSSEC??? The DNS Security Extension (DNS SEC) attach special kind of information called criptographic signatures to the queries and response that let your computer false

609 views • 34 slides
Deployment of DNSSEC at .ee ICANN 49: DNSSEC Workshop Timo Vhmar | 26.03.2014 | Introduction

Deployment of DNSSEC at .ee ICANN 49: DNSSEC Workshop Timo Vhmar | 26.03.2014 | Introduction

Deployment of DNSSEC at .ee ICANN 49: DNSSEC Workshop Timo Vhmar | 26.03.2014 | Introduction About Estonian Internet Foundation DNSSEC what, why, when Techie stuff Actual work Current situation | 26.03.2014 | Estonian

240 views • 9 slides
Cyber@UC Meeting 76 MITRE Framework Continued If Youre New! Join our Slack:

Cyber@UC Meeting 76 MITRE Framework Continued If Youre New! Join our Slack:

Cyber@UC Meeting 76 MITRE Framework Continued If Youre New! Join our Slack: cyberatuc.slack.com Check out our website: cyberatuc.org SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get

671 views • 15 slides
L IFE G UARD: Practical Repair of Persistent Route Failures Ethan Katz-Bassett (USC) Colin Scott,

L IFE G UARD: Practical Repair of Persistent Route Failures Ethan Katz-Bassett (USC) Colin Scott,

L IFE G UARD: Practical Repair of Persistent Route Failures Ethan Katz-Bassett (USC) Colin Scott, David Choffnes, Italo Cunha, Valas Valancius, Nick Feamster, Harsha Madhyastha, Tom Anderson, Arvind Krishnamurthy This work is generously funded

1.34k views • 106 slides
CS 356: Computer Network Architectures Lecture 12: Dynamic Routing: Routing Information Protocol

CS 356: Computer Network Architectures Lecture 12: Dynamic Routing: Routing Information Protocol

CS 356: Computer Network Architectures Lecture 12: Dynamic Routing: Routing Information Protocol Chap. 3.3.1, 3.3.2 Xiaowei Yang xwy@cs.duke.edu Today ICMP applications Dynamic Routing Routing Information Protocol ICMP

716 views • 46 slides
Remaining Hazards and Mitigating Patterns for Secure Mashups in EcmaScript 5 Mark S. Miller and

Remaining Hazards and Mitigating Patterns for Secure Mashups in EcmaScript 5 Mark S. Miller and

Remaining Hazards and Mitigating Patterns for Secure Mashups in EcmaScript 5 Mark S. Miller and the Cajadores Overview The Mashup Problem The Offensive and Defensive Code Problems JavaScript (EcmaScript) gets simpler ES3, ES5, ES5/strict,

716 views • 52 slides
Next Generation 911 A lifeline service based on the Internet - Are we ready for this?

Next Generation 911 A lifeline service based on the Internet - Are we ready for this?

Next Generation 911 A lifeline service based on the Internet - Are we ready for this? Distinguished Experts Panel Chair: Carol Davids, Illinois Institute of Technology Panelists Stephen Ashurkoff, General Dynamics Trey Forgety,

473 views • 22 slides
Adversarial AI in Cyber Security WHO AM I

Adversarial AI in Cyber Security WHO AM I

Adversarial AI in Cyber Security WHO AM I Join Trend Micro on 2009 Infra Developer Threat Researcher Machine Learning Researcher Join XGen ML project on 2015 Now leading

686 views • 35 slides
Pyramid 101 Positive Behavior Support Pyramid Model Components Introduction to Positive Behavior

Pyramid 101 Positive Behavior Support Pyramid Model Components Introduction to Positive Behavior

Pyramid 101 Positive Behavior Support Pyramid Model Components Introduction to Positive Behavior Support in Early Childhood Settings Effective Workforce better-trained caregivers are the foundation Patti Mahrt-Roberts Nurturing and

588 views • 27 slides
Identifying Winter Twigs Prepared by Dennis Deck Terminology

Identifying Winter Twigs Prepared by Dennis Deck Terminology

Identifying Winter Twigs Prepared by Dennis Deck Terminology http://www.clemson.edu/extfor/publications/bul117/characteristics.htm A Few Terms http://www.cactus-art.biz/note-book/ Dictionary/Dictionary_B/dictionary_bud.htm

1.22k views • 45 slides

More recommend