A New Approach to DNS Security (DNSSEC) - PowerPoint PPT Presentation

Slides: 41
Provided by: xiaot
Learn more at: http://gaia.cs.umass.edu

1
A New Approach to DNS Security (DNSSEC)
  • Authors: Giuseppe Ateniese, Stefan Mangard
  • Presenter: Liu, Xiaotao

2
Outline
  • Overview of DNS
  • Motivation
  • PK-DNSSEC
  • SK-DNSSEC
  • Comparison with PK-DNSSEC
  • Usage of DNSSEC

3
Outline
  • Overview of DNS
  • Motivation
  • PK-DNSSEC
  • SK-DNSSEC
  • Comparison with PK-DNSSEC
  • Usage of DNSSEC

4
What is the DNS
  • Domain Name System
  • Distributed database to resolve domain names
  • Labels translate to Resource Records
    • Address (A)
    • Mail hosts (MX)
    • Text (TXT)
    • and much more.
  • Resource records stored in zones
  • Highly scalable

5
A DNS tree
[Figure: DNS tree with the root domain (.) at the top and the top-level domains .net and .com beneath it]
6
DNS data
  • Example zone file (columns: label, ttl, class, type, rdata)

    dacht.net 7200 IN SOA ns.ripe.net. olaf.ripe.net. (
                     2001061501 ; Serial
                     43200      ; Refresh 12 hours
                     14400      ; Retry 4 hours
                     345600     ; Expire 4 days
                     7200       ; Negative cache 2 hours
                     )
    dacht.net        7200 IN NS ns.ripe.net.
    dacht.net        7200 IN NS ns.high5.net.
    pinkje.dacht.net 3600 IN A  193.0.1.162
    host25.dacht.net 2600 IN A  193.0.3.25

7
Common Resource Records
RECORD TYPE | DESCRIPTION | USAGE
A | An address record | Maps FQDN into an IP address
PTR | A pointer record | Maps an IP address into FQDN
NS | A name server record | Denotes a name server for a zone
SOA | A Start of Authority record | Specifies many attributes concerning the zone, such as the name of the domain (forward or inverse), administrative contact, the serial number of the zone, refresh interval, retry interval, etc.
CNAME | A canonical name record | Defines an alias name and maps it to the absolute (canonical) name
MX | A Mail Exchanger record | Used to redirect email for a given domain or host to another host
8
DNS resolving
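[Figure: resolving the question www.cnn.com. Hosts shown: lab.cs.umass.edu, dns.cs.umass.edu, the root (.), .com, cnn.com and www.cnn.com. The stub resolver sends "www.cnn.com A ?" to the resolver. The resolver asks the root and is told to ask the .com server (with the IP address of the .com server); it asks .com and is told to ask the cnn.com server (with the IP address of the cnn.com server); it asks cnn.com, receives xxx.xxx.xxx.xxx, and adds the answer to its cache.]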
9
DNS Data flow
[Figure: DNS data flow between the zone administrator, zone file, dynamic updates, master, slaves, resolver and stub resolver]
10
Outline
  • Overview of DNS
  • Motivation
  • PK-DNSSEC
  • SK-DNSSEC
  • Comparison with PK-DNSSEC
  • Usage of DNSSEC

11
DNS Vulnerabilities
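[Figure: the DNS data flow (zone administrator, zone file, dynamic updates, master, slaves, resolver, stub resolver) annotated with the threats: corrupting data, unauthorized updates, impersonating master, cache impersonation, and cache pollution by data spoofing. The diagram is divided into two areas labelled "Server Protection" and "Data Protection".]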
12
Why DNSSEC
  • DNSSEC protects against data spoofing and
    corruption
  • DNSSEC also provides mechanisms to authenticate
    servers and requests
  • DNSSEC provides mechanisms to establish
    authenticity and integrity

13
Outline
  • Overview of DNS
  • Motivation
  • PK-DNSSEC
  • SK-DNSSEC
  • Comparison with PK-DNSSEC
  • Usage of DNSSEC

14
PK-DNSSEC (Public Key)
  • The DNS servers sign (digitally encrypt) the hash
    of a resource record set with their private keys
  • Resource record set: the set of resource records
    of the same type.
  • Public KEYs can be used to verify the SIGs
  • The authenticity of public KEYs is established by
    a SIGnature over the keys with the parent's
    private key
  • In the ideal case, only one public KEY needs to
    be distributed out-of-band (the root's public KEY)

15
DNSSEC new RRs
  • 2 public-key-related RRs
    • SIG: signature over an RRset made using the private key
    • KEY: public key, needed for verifying a SIG over an
      RRset, signed by the parent's private key
  • One RR for internal consistency (authenticated
    denial of data)
    • NXT: RR to indicate which RRset is the next one in
      the zone
  • For non-DNSSEC public keys: CERT

16
SIG RRs
  • Cover each resource record set with a public-key
    signature which is stored as a resource record
    called SIG RR
  • SIG RRs are computed for every RRset in a zone
    file and stored
  • Add the corresponding pre-calculated signature
    for each RRset in answers to queries
  • Must include the entire RRset in an answer,
    otherwise the resolver could not verify the
    signature

17
SIG(0)
  • Use a public-key signature to sign the whole
    message each time the server responds to a
    query
  • Provides integrity protection and authentication
    of the whole message
  • Can be scaled to provide authentication of query
    requests
  • Not practical to use in a large-scale
    environment

18
Compare SIG RRs with SIG(0)
  • More computation on DNS server caused by SIG(0)
  • More network traffic caused by SIG RRs
  • More storage needed by SIG RRs

19
Verifying the tree
[Figure: the resolution of the question www.cnn.com with signatures added. Hosts shown: lab.cs.umass.edu, dns.cs.umass.edu, the root (.), .com, cnn.com, www.cnn.com and slave servers. The stub resolver sends "www.cnn.com A ?" to the resolver. The root answers "ask .com server" with SIG(the IP address and PK of the .com server) made with its private key; .com answers "ask cnn.com server" with SIG(the IP address and PK of the cnn.com server) made with its private key; cnn.com answers with SIG(xxx.xxx.xxx.xxx) made with its private key, and the resolver adds the answer to its cache. Two links are labelled "transaction signatures".]
20
Verifying
  • Verify a SIG over data using the public KEY
  • DNS data is signed with the private key
  • Verify the SIG with the KEY mentioned in the SIG
    record
  • The key can be found in the DNS or can be locally
    configured

21
Outline
  • Overview of DNS
  • Motivation
  • PK-DNSSEC
  • SK-DNSSEC
  • Comparison with PK-DNSSEC
  • Usage of DNSSEC

22
SK-DNSSEC (Symmetric Certificates)
  • The usage of symmetric ciphers through AES or
    Blowfish in CBC mode.
  • The usage of symmetric signatures via MAC
    functions.
  • Combine encryption techniques with MAC functions
    as $E_k(m, \mathrm{MAC}_l(m))$.
  • Each message contains a nonce to avoid replay
    attacks. A nonce is a pair of a random number and a
    timestamp.
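
The nonce and MAC checks from this slide, as an added example (not code from the presentation or from the SK-DNSSEC authors). HMAC-SHA256 stands in for the MAC function, which the slide does not name, and the encryption layer $E_k$ is left out because Python's standard library has no block cipher; the 300-second freshness window, the packet layout and all function names are assumptions.

```python
import hashlib, hmac, os, struct, time

MAX_SKEW = 300  # assumed freshness window in seconds; the slides give no value
NONCE_LEN, MAC_LEN = 16, 32

def make_nonce(now=None):
    """Nonce as on the slide: a random number paired with a timestamp."""
    ts = int(time.time() if now is None else now)
    return os.urandom(8) + struct.pack(">Q", ts)

def mac(key, nonce, message):
    # The nonce has a fixed length, so nonce || message parses unambiguously.
    return hmac.new(key, nonce + message, hashlib.sha256).digest()

def protect(key, message, now=None):
    """Sender: nonce || message || MAC(nonce || message)."""
    nonce = make_nonce(now)
    return nonce + message + mac(key, nonce, message)

class Verifier:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept only while still fresh

    def verify(self, packet, now=None):
        """Return the message; raise ValueError if forged, stale or replayed."""
        now = int(time.time() if now is None else now)
        if len(packet) < NONCE_LEN + MAC_LEN:
            raise ValueError("truncated")
        nonce, message, tag = packet[:NONCE_LEN], packet[NONCE_LEN:-MAC_LEN], packet[-MAC_LEN:]
        if not hmac.compare_digest(tag, mac(self.key, nonce, message)):
            raise ValueError("bad MAC")  # authenticate before trusting the timestamp
        ts = struct.unpack(">Q", nonce[8:])[0]
        if abs(now - ts) > MAX_SKEW:
            raise ValueError("stale")
        # Nonces older than the window are rejected as stale, so drop them.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= MAX_SKEW}
        if nonce in self.seen:
            raise ValueError("replay")
        self.seen[nonce] = ts
        return message

if __name__ == "__main__":
    key = os.urandom(32)  # stands in for a key shared by the two parties
    v, pkt = Verifier(key), protect(key, b"www.cnn.com. 3600 IN A 192.0.2.10")  # constructed record
    print(v.verify(pkt))  # first delivery is accepted
    try:
        v.verify(pkt)
    except ValueError as e:
        print("second delivery rejected:", e)
```

The timestamp bounds how long the verifier has to remember random numbers: anything older than the window fails the freshness check, so the replay cache stays small.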

23
SK-DNSSEC (cont.)
  • Given the DNS tree of domains, each node shares a
    key with its parent, called the master key
  • The root domain has an asymmetric key pair (public
    and private key) as well as its own master key
    that is not shared with any others
  • The resolvers must have an authentic copy of
    the root's public key

24
Notation
25
DNS Root Certificate
26
DNS Request to Root
$\mathit{Info}(P_{xy})$ has to minimally contain the identity
strings $I_x$ and $I_y$, inception and expiration
dates, details about the encryption and
authentication algorithms employed, certificate
and key unique identifiers, and the identity of
the creator of the certificate
27
DNS Request to Intermediate Server
28
DNS Request to Authoritative Server
29
For mutual authentication
For any $0 \le i \le n$
30
The problem of PK and SK DNSSEC
  • In SK-DNSSEC, the root servers need to decrypt
    the message encrypted by the public key
  • In PK-DNSSEC, the potential increase of network
    traffic due to larger DNS messages
  • In PK-DNSSEC, the high cost of verifying the
    public-key digital signatures on the resolver's
    side

31
Hybrid Approach
  • The root servers use PK-DNSSEC
  • The top-level domains use SK-DNSSEC

32
Outline
  • Overview of DNS
  • Motivation
  • PK-DNSSEC
  • SK-DNSSEC
  • Comparison with PK-DNSSEC
  • Usage of DNSSEC

33
Efficiency
  • PK-DNSSEC with SIG RR. For each RRset in the
    answer, a pre-calculated SIG RR is included
  • PK-DNSSEC with SIG(0). DNS messages do not
    contain SIG RRs, but are rather signed as a whole
    by SIG(0)-type signature.
  • SK-DNSSEC. DNS messages are secured by symmetric
    signatures and encryption.

34
Performance
(800 MHz)
35
Performance (cont.)
36
Network Traffic
37
Storage
38
Outline
  • Overview of DNS
  • Motivation
  • PK-DNSSEC
  • SK-DNSSEC
  • Comparison with PK-DNSSEC
  • Usage of DNSSEC

39
Public-key Distribution System
  • Global real time availability
  • Easy access to DNS
  • Scalability
  • Hierarchical organization
  • Globally unique names
  • Globally unique host name
  • Cryptographic binding of name and key
  • KEY RR binds DNS names with keys

40
Q&A
  • Thank You!