Amir Herzberg
Bruno Crispo
ABSTRACT
We propose a transport layer cipher-suite negotiation mechanism for DNSSEC standard, allowing name-servers to send responses containing only the keys and signatures that correspond to the cipher-suite option negotiated with the resolver, rather than sending all the signatures and keys (as is done currently).
As we show, a lack of cipher-suite negotiation, is one of the factors impeding deployment of DNSSEC, and also results in adoption of weak ciphers. Indeed, the vast majority of domains rely on RSA 1024-bit cryptography, which is already considered insecure. Furthermore, domains, that want better security, have to support a number of cryptographic ciphers. As a result, the DNSSEC responses are large and often fragmented, harming the DNS functionality, and causing inefficiency and vulnerabilities.
A cipher-suite negotiation mechanism reduces responses' sizes, and hence solves the interoperability problems with DNSSEC-signed responses, and prevents reflection and cache poisoning attacks.
- H. Gao, V. Yegneswaran, Y. Chen, P. Porras, S. Ghosh, J. Jiang, and H. Duan. An empirical reexamination of global dns behavior. In Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM, pages 267--278. ACM, 2013. Google Scholar
Digital Library
- F. Guo, J. Chen, and T. cker Chiueh. Spoof Detection for Preventing DoS Attacks against DNS Servers. In ICDCS, pages 37--37. IEEE Computer Society, 2006. Google ScholarDigital Library
- A. Herzberg and H. Shulman. Security of patched DNS. In Computer Security - ESORICS 2012 - 17th European Symposium on Research in Computer Security, Pisa, Italy, September 10-12, 2012. Proceedings, pages 271--288, 2012.Google Scholar
- A. Herzberg and H. Shulman. Fragmentation Considered Poisonous: or one-domain-to-rule-them-all.org. In IEEE CNS 2013. The Conference on Communications and Network Security, Washington, D.C., U.S. IEEE, 2013.Google ScholarCross Ref
- A. Herzberg and H. Shulman. Vulnerable delegation of DNS resolution. In Computer Security - ESORICS 2013 - 18th European Symposium on Research in Computer Security, Egham, UK, September 9-13, 2013. Proceedings, pages 219--236, 2013.Google Scholar
- A. Herzberg and H. Shulman. DNS Authentication as a Service: Preventing Amplification Attacks. In ACM Annual Computer Security Applications Conference (ACM ACSAC), December 2014. Google ScholarDigital Library
- A. Herzberg and H. Shulman. Negotiating DNSSEC Algorithms Over Legacy Proxies. In Cryptology and Network Security, 13th International Conference, (CANS) 2014, Heraklion, Crete, Greece, October 22--24, 2014. Proceedings, 2014.Google Scholar
- A. Herzberg and H. Shulman. Retrofitting Security into Network Protocols: The Case of DNSSEC. Internet Computing, IEEE, 18(1):66--71, 2014. Google ScholarDigital Library
- A. Herzberg and H. Shulman. Cipher-Suite Negotiation for DNSSEC: Hop-by-Hop or End-to-End? (to appear) Internet Computing, IEEE, 2015.Google Scholar
- Internet Assigned Numbers Authority (IANA). Domain Name System Security (DNSSEC) Algorithm Numbers. http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml, March 2014.Google Scholar
- T. Jager, K. G. Paterson, and J. Somorovsky. One bad apple: Backwards compatibility attacks on state-of-the-art cryptography. In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2013.Google Scholar
- W. Lian, E. Rescorla, H. Shacham, and S. Savage. Measuring the Practical Impact of DNSSEC Deployment. In Proceedings of USENIX Security, 2013. Google ScholarDigital Library
- N. Mavrogiannopoulos, F. Vercauteren, V. Velichkov, and B. Preneel. A cross-protocol attack on the TLS protocol. In T. Yu, G. Danezis, and V. D. Gligor, editors, ACM Conference on Computer and Communications Security, pages 62--72. ACM, 2012. Google ScholarDigital Library
- D. Migault, C. Girard, and M. Laurent. A performance view on dnssec migration. In Network and Service Management (CNSM), 2010 International Conference on, pages 469--474. IEEE, 2010.Google ScholarCross Ref
- National Institute of Standards and A. N. T. D. Technology. Estimating Industry IPv6 and DNSSEC External Service Deployment Status. http://fedv6-deployment.antd.nist.gov/cgi-bin/generate-com.Google Scholar
- E. Rescorla. SSL and TLS: designing and building secure systems, volume 1. Addison-Wesley Reading, 2001.Google Scholar
- C. Rossow. Amplification Hell: Revisiting Network Protocols for DDoS Abuse. In Proceedings of the Network and Distributed System Security (NDSS) Symposium, February 2014.Google Scholar
- H. Shulman. Pretty Bad Privacy: Pitfalls of DNS Encryption. In Proceedings of the 13th annual ACM workshop on Privacy in the electronic society, WPES '14, 2014. Google ScholarDigital Library
- H. Shulman and M. Waidner. Fragmentation Considered Leaking: Port Inference for DNS Poisoning. In Applied Cryptography and Network Security (ACNS), Lausanne, Switzerland. Springer, 2014.Google ScholarCross Ref
- A. Studer and A. Perrig. The Coremelt Attack. In M. Backes and P. Ning, editors, ESORICS, volume 5789 of Lecture Notes in Computer Science, pages 37--52. Springer, 2009. Google ScholarDigital Library
- R. Tzakikario, D. Touitou, G. Pazi, et al. Dns anti-spoofing using udp, Nov. 17 2009. US Patent 7,620,733.Google Scholar
Recommendations
DNSSEC: Interoperability Challenges and Transition Mechanisms
ARES '13: Proceedings of the 2013 International Conference on Availability, Reliability and SecurityRecent cache poisoning attacks motivate protecting DNS with strong cryptography, by adopting DNSSEC, rather than with challenge-response 'defenses'. We discuss the state of DNSSEC deployment and obstacles to adoption. We then present an overview of ...
Cipher-Suite Negotiation for DNSSEC: Hop-by-Hop or End-to-End?
To ensure the best security and efficiency, cryptographic protocols such as Transport Layer Security and IPsec should let parties negotiate the use of the "best” cryptographic algorithms; this is referred to as cipher-suite negotiation. However, cipher-...
Silence is not Golden: Disrupting the Load Balancing of Authoritative DNS Servers
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityAuthoritative nameservers are delegated to provide the final resource record. Since the security and robustness of DNS are critical to the general operation of the Internet, domain name owners are required to deploy multiple candidate nameservers for ...
Comments