new curves in dnssec
play

New Curves in DNSSEC Ond ej Sur, CZ.NIC SafeCurves(.cr.yp.to) Work - PowerPoint PPT Presentation

Jan 13, 2024 •305 likes •384 views

New Curves in DNSSEC Ond ej Sur, CZ.NIC SafeCurves(.cr.yp.to) Work by Daniel J. Bernstein and Tanja Lange Difference between security of: Elliptic-Curve Cryptography (ECC) Elliptic-Curve Discrete-Logarithm Problem (ECDLP)

  1. New Curves in DNSSEC Ond ř ej Surý, CZ.NIC

  2. SafeCurves(.cr.yp.to) Work by Daniel J. Bernstein and Tanja Lange ● Difference between security of: ● Elliptic-Curve Cryptography (ECC) ○ Elliptic-Curve Discrete-Logarithm Problem (ECDLP) ← how to find a secret key from PK ○ The ECDLP might be fine, but implementation might not: ● Your implementation produces incorrect results for some rare curve points. ○ Your implementation leaks secret data when the input isn't a curve point. ○ Your implementation leaks secret data through branch timing. ○ Your implementation leaks secret data through cache timing. ○ SafeCurves criteria are designed to ensure ECC security, not just ECDLP ● security

  3. Edwards-curve Digital Signature Algorithm (EdDSA) 1. High-performance on a variety of platforms. 2. Does not require the use of a unique random number for each signature. 3. More resilient to side-channel attacks. 4. Small public keys (32 or 57 bytes) and signatures (64 or 114 bytes). 5. The formulas are "strongly unified", i.e., they are valid for all points on the curve, with no exceptions. This obviates the need for EdDSA to perform expensive point validation on untrusted public values. 6. Collision resilience, meaning that hash-function collisions do not break this system. https://datatracker.ietf.org/doc/draft-irtf-cfrg-eddsa/

  4. SafeCurves by CFRG Curve25519 → Ed25519 ● 2006 Daniel J. Bernstein ○ ~128-bit security target ○ Curve448(-Goldilocks) → Ed448 ● 2014 Mike Hamburg ○ ~224-bit security target ○ RFC 7748

  5. SafeCurves in DNSSEC draft-ietf-curdle-dnskey-ed25519 ● Adopted in CURDLE WG ○ Consensus for use in DNSSEC ■ In need of review ○ Waiting for draft-irtf-cfrg-eddsa ○ draft-sury-dnskey-ed448 ● Might be adopted in CURDLE WG ○ No strong consensus for use in DNSSEC ■ Future draft-<something>-kill-old-dnskey-algo ● We need to start deprecating old DNSSEC algorithms ○

  6. DNSSEC Algorithm flexibility ~Quick~ adoption by DNS server vendors ● Very slow adoption in real world deployments ● Slow life cycles in Linux (and other) distributions ○ Even slower deployment (people still run 2012 distros) ○ Other reasons ○ Workshop at DNS-OARC in Buenos Aires ●

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Making the Case for Elliptic Curves in DNSSEC an analysis of the impact of switching to ECC based

Making the Case for Elliptic Curves in DNSSEC an analysis of the impact of switching to ECC based

Making the Case for Elliptic Curves in DNSSEC an analysis of the impact of switching to ECC based on current DNSSEC deployments in .com, .net and .org Introduction DNSSEC deployment has taken off, but there are still operational issues

408 views • 16 slides
Elliptical Curves in DNSSEC Dmitry Kohmanyuk Hostmaster Ltd #EEDNSUA 2016 Kyiv, Ukraine

Elliptical Curves in DNSSEC Dmitry Kohmanyuk Hostmaster Ltd #EEDNSUA 2016 Kyiv, Ukraine

Elliptical Curves in DNSSEC Dmitry Kohmanyuk Hostmaster Ltd #EEDNSUA 2016 Kyiv, Ukraine Elliptic Curve Cryptography (ECC) y^2 = x^3 + ax + b http://en.wikipedia.org/wiki/Elliptic_curve

151 views • 13 slides
.SE-DNSSEC Commercial launch of .SE-DNSSEC Feb 16, 2007 Signing Soft launch of service the

.SE-DNSSEC Commercial launch of .SE-DNSSEC Feb 16, 2007 Signing Soft launch of service the

. SE-DNSSEC . SEs DNSSEC service Staffan.Hagnell@iis.se .SE-DNSSEC Commercial launch of .SE-DNSSEC Feb 16, 2007 Signing Soft launch of service the .SE zone Sep 2005 2006 Start of project 2001 .SEs challenge To make DNSSEC

584 views • 24 slides
DNSSEC in .at (and beyond) Panel discussion DNSSEC activities in Europe DNSSEC workshop

DNSSEC in .at (and beyond) Panel discussion DNSSEC activities in Europe DNSSEC workshop

ICANN 50 DNSSEC in .at (and beyond) Panel discussion DNSSEC activities in Europe DNSSEC workshop Jun 25 2014 Alexander Mayrhofer London, UK alexander.mayrhofer@nic.at ICANN 50 DNSSEC Services n ccTLD: .at l DNSSEC in production

109 views • 10 slides
DNSSEC activities @ nic.at Panel discussion DNSSEC activities in Europe DNSSEC workshop

DNSSEC activities @ nic.at Panel discussion DNSSEC activities in Europe DNSSEC workshop

ICANN44 DNSSEC activities @ nic.at Panel discussion DNSSEC activities in Europe DNSSEC workshop Jun 27 2012 Alexander Mayrhofer Prague, CZ alexander.mayrhofer@nic.at ICANN44 .at DNSSEC Timeline Testbed DS in root Feb 2011 Feb 09

404 views • 8 slides
Deploying New DNSSEC Algorithms ICANN 53 DNSSEC Workshop June 24, 2015 Buenos Aires, Argentina

Deploying New DNSSEC Algorithms ICANN 53 DNSSEC Workshop June 24, 2015 Buenos Aires, Argentina

Deploying New DNSSEC Algorithms ICANN 53 DNSSEC Workshop June 24, 2015 Buenos Aires, Argentina Dan York, Internet Society www.internetsociety.org/deploy360 DNSSEC Algorithms Used to generate keys for signing DNSKEY Used in DNSSEC

490 views • 18 slides
DNSSEC CS 161: Computer Security Prof. David Wagner April 11, 2016 DNSSEC Last lecture, you

DNSSEC CS 161: Computer Security Prof. David Wagner April 11, 2016 DNSSEC Last lecture, you

DNSSEC CS 161: Computer Security Prof. David Wagner April 11, 2016 DNSSEC Last lecture, you invented DNSSEC. Well, the basic ideas, anyway: Sign all DNS records. Signatures let you verify answer to DNS query, without having to trust the

835 views • 49 slides
DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative

DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative

DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative Russ.Mundy@cobham.com / mundy@sparta.com www.dnssec-deployment.org DNSSEC Trust Anchors Starting point for DNSSEC validation Choice of

375 views • 16 slides
Challenges To Deploying New DNSSEC Algorithms ICANN 55 DNSSEC Workshop March 8, 2016 Marrakech,

Challenges To Deploying New DNSSEC Algorithms ICANN 55 DNSSEC Workshop March 8, 2016 Marrakech,

Challenges To Deploying New DNSSEC Algorithms ICANN 55 DNSSEC Workshop March 8, 2016 Marrakech, Morocco Dan York, Internet Society www.internetsociety.org/deploy360 DNSSEC Algorithms Used to generate keys for signing DNSKEY Used

417 views • 15 slides
An Overview of DNSSEC Cesar Diaz cesar@ lacnic.net 1 DNSSEC??? The DNS Security

An Overview of DNSSEC Cesar Diaz cesar@ lacnic.net 1 DNSSEC??? The DNS Security

An Overview of DNSSEC Cesar Diaz cesar@ lacnic.net 1 DNSSEC??? The DNS Security Extension (DNS SEC) attach special kind of information called criptographic signatures to the queries and response that let your computer false

609 views • 34 slides
Deployment of DNSSEC at .ee ICANN 49: DNSSEC Workshop Timo Vhmar | 26.03.2014 | Introduction

Deployment of DNSSEC at .ee ICANN 49: DNSSEC Workshop Timo Vhmar | 26.03.2014 | Introduction

Deployment of DNSSEC at .ee ICANN 49: DNSSEC Workshop Timo Vhmar | 26.03.2014 | Introduction About Estonian Internet Foundation DNSSEC what, why, when Techie stuff Actual work Current situation | 26.03.2014 | Estonian

240 views • 9 slides
.ke DNSSec Update Toilem Poriot Godwin .ke DNSsec update Update on what .ke registry

.ke DNSSec Update Toilem Poriot Godwin .ke DNSsec update Update on what .ke registry

.ke DNSSec Update Toilem Poriot Godwin .ke DNSsec update Update on what .ke registry experienced 30th April 2015-- Longest mornings I have ever had. Day started as usual but takes a turn at 9:30am Great day turns to a

449 views • 11 slides
DNSSEC Workshop @ ICANN Activities from the Region: - DNSSEC deployment in .pt 23 June 2010

DNSSEC Workshop @ ICANN Activities from the Region: - DNSSEC deployment in .pt 23 June 2010

DNSSEC Workshop @ ICANN Activities from the Region: - DNSSEC deployment in .pt 23 June 2010 Sara Monteiro Technical Infrastructure Service of DNS.PT Agenda ! About us ! Scope ! Goals ! Initiatives and Support ! Developments on .pt ! Next Steps

468 views • 11 slides
13 Things to Consider Before DNSSEC John Kristoff jtk@cymru.com FIRST 2010 John Kristoff

13 Things to Consider Before DNSSEC John Kristoff jtk@cymru.com FIRST 2010 John Kristoff

13 Things to Consider Before DNSSEC John Kristoff jtk@cymru.com FIRST 2010 John Kristoff Team Cymru 1 Where is the DNSSEC? We make no endorsement of DNSSEC here We offer no repudiation of DNSSEC here The considerations herein

543 views • 31 slides
DNS and DNSSEC Management and Monitoring Changes Required During A Transition To DNSSEC Wes

DNS and DNSSEC Management and Monitoring Changes Required During A Transition To DNSSEC Wes

DNS and DNSSEC Management and Monitoring Changes Required During A Transition To DNSSEC Wes Hardaker &lt;wes.hardaker@parsons.com&gt; Overview Business Model Changes Relationship Requirements Relationship with your DNS parent

407 views • 25 slides
DNSSEC security without maintenance ... with the right software and registry Petr paek

DNSSEC security without maintenance ... with the right software and registry Petr paek

DNSSEC security without maintenance ... with the right software and registry Petr paek petr.spacek@nic.cz 2019-02-03 1w Redraw max 1y 6m 3m 1m 5d 1h 1d 30 ~ 19 % DNSSEC? Who cares? DNSSEC Validation Capability Metrics

433 views • 25 slides
Ahoy: A Proximity-Based Discovery Protocol Robbert Haarman Contents 1. Introduction to Ahoy 2.

Ahoy: A Proximity-Based Discovery Protocol Robbert Haarman Contents 1. Introduction to Ahoy 2.

Ahoy: A Proximity-Based Discovery Protocol Robbert Haarman Contents 1. Introduction to Ahoy 2. Protocol Overview 3. Message Types 4. Attenuated Bloom Filters 5. My Contributions 6. Summary 7. Questions Part 1 Introduction to Ahoy What is

1.23k views • 71 slides
Detecting Hidden Anomalies in DNS Communication CZ.NIC Ondrej Mikle-Barat / ondrej.mikle@nic.cz

Detecting Hidden Anomalies in DNS Communication CZ.NIC Ondrej Mikle-Barat / ondrej.mikle@nic.cz

Detecting Hidden Anomalies in DNS Communication CZ.NIC Ondrej Mikle-Barat / ondrej.mikle@nic.cz Karel Slan / karel.slany@nic.cz 18. 10. 2011 1 Outline Motivation Method description original work algorithm DNS specifics

366 views • 18 slides
NOT EXACTLY! APPROXIMATE ALGORITHMS FOR BIG DATA FANGJIN YANG DRUID COMMITTER METAMARKETS

NOT EXACTLY! APPROXIMATE ALGORITHMS FOR BIG DATA FANGJIN YANG DRUID COMMITTER METAMARKETS

NOT EXACTLY! APPROXIMATE ALGORITHMS FOR BIG DATA FANGJIN YANG DRUID COMMITTER METAMARKETS NELSON RAY QUANTITATIVE ANALYST GOOGLE OVERVIEW THE PROBLEM MANAGE DATA COST EFFICIENTLY THE DATA DEALING WITH EVENT STREAMS SIMPLIFYING

1.11k views • 64 slides
Autoplacer : Scalable Self-Tuning Data Placement in Distributed Key-value Stores ICAC13 Jo

Autoplacer : Scalable Self-Tuning Data Placement in Distributed Key-value Stores ICAC13 Jo

Autoplacer : Scalable Self-Tuning Data Placement in Distributed Key-value Stores ICAC13 Jo ao Paiva , Pedro Ruivo, Paolo Romano, Lu s Rodrigues Instituto Superior T ecnico / Inesc-ID, Lisboa, Portugal June 27, 2013 Outline

605 views • 48 slides
Message-locked Encryption with Deduplication Consistency Sbastien Canard 1 , Fabien Laguillaumie

Message-locked Encryption with Deduplication Consistency Sbastien Canard 1 , Fabien Laguillaumie

Message-locked Encryption with Deduplication Consistency Sbastien Canard 1 , Fabien Laguillaumie 2 and Marie Paindavoine 1,2 1 Orange Labs, Applied Crypto Group, France. 2 Universit Claude Bernard Lyon 1, LIP (CNRS/ENSL/INRIA/UCBL), France.

256 views • 11 slides
File Organisation Part - II Dr. V. V. Subrahmanyam Associate Professor, SOCIS, IGNOU Heap File

File Organisation Part - II Dr. V. V. Subrahmanyam Associate Professor, SOCIS, IGNOU Heap File

File Organisation Part - II Dr. V. V. Subrahmanyam Associate Professor, SOCIS, IGNOU Heap File Organisation The simplest file structure is an unordered file or heap file. The data in the pages of a heap file is not ordered. Every

618 views • 25 slides
SPHINCS: practical stateless hash-based signatures Daniel J. Bernstein Daira Hopwood Andreas H

SPHINCS: practical stateless hash-based signatures Daniel J. Bernstein Daira Hopwood Andreas H

SPHINCS: practical stateless hash-based signatures Daniel J. Bernstein Daira Hopwood Andreas H ulsing Tanja Lange Ruben Niederhagen Louiza Papachristodoulou Michael Schneider Peter Schwabe Zooko Wilcox-OHearn 2 April 2015 Traditional hash-based

288 views • 10 slides
Ana Analyzing t g the he Effect cts o of Di Different S Signs gns to Incr ncrea ease t

Ana Analyzing t g the he Effect cts o of Di Different S Signs gns to Incr ncrea ease t

Ana Analyzing t g the he Effect cts o of Di Different S Signs gns to Incr ncrea ease t the Oppo he Opport rtun unity of Des Designa nated d Van Ac n Acce cessible Parking g Spa paces ces E Zhang, M.Ed. Department of Applied

850 views • 50 slides

More recommend