CS653

1
Automated private key recovery for
DNSSEC Colorado State University, CS 681 John
Tesch
2
Motivation

• DNSSEC provides for asymmetric keys but does not
  address the issue of lost keys.
• The key regeneration process may affect
  performance of DNS servers
• Multiple pairs of keys create conflicts among DNS
  servers

3
Asymmetric keys

• The public key is stored in the KEY resource
  record and is backed up.
• The private key is stored and protected in the
  file system of the DNS server
• The public key can be reloaded
• The loss of the private key requires a
  re-computation of a new pair of keys

4
Simplistic Approach

• Take the private key, Sprv, and encrypt it with
  the public key of the parent DNS server, Ppub.
  m Sprv,Ppub
• Provides some redundancy, but still a single
  point of failure
• Can be compromised or lost

5
Our Approach

• Take the private key, Sprv, and encrypt it with
  the public key of the parent, Ppub. m
  Sprv,Ppub
• Divide the encryption, m, into parts or shares.
  m\n
• Distribute and encrypt the shares to subordinate
  DNS servers (child).
• m/n,Cpub

6
(k,n)threshold scheme

• A dealer shares a secret key between n parties
• Each party receives a share
• A group of any k participants can cooperate to
  reconstruct the shares
• No group of k-1 participants can get any
  information about the secret

7
Algorithm modification

• Use Shamirs (k,n)-threshold scheme
• Encrypt the shares with the public keys of the
  DNS childern
• Store the shares on the DNS database as a
  Resource Record

8
Conclusion

• Using our method, private keys can be stored in
  plain sight.
• The use of the (k,n)-threshold scheme allows for
  voting when recreating the private key
• The distribution of the shares cannot be easily
  traced