[dns-operations] a maximum of about 16K possible DNSSEC keytags?
Roy Arends
roy at dnss.ec
Mon Nov 30 14:51:11 UTC 2015
On 29 Nov 2015, at 23:20, Roy Arends wrote:
> I am only able to generate about 16K unique keytags for a 2K RSASHA256
> KSK (*), even after generating hundreds of thousands of keys in a
> loop.
>
> I expected the entire 16 bit keytag space used (i.e. 64K keytags), as
> the keytag is simply the sum of the DNSKEY RDATA (as a series of two
> byte values) with the high two bytes of the resulting 32 bit value
> added to the low 2 byte without carry.
>
> Since the RDATA contains 256 bytes of modulus (a result of multiplying
> two randomly generated 128 byte primes), I thought it had a fair
> amount of entropy so that the resulting key tags would be nicely
> distributed.
>
> Apparently not.
>
> Anyone able (willing) to explain the math, please?
Peter van Dijk generated a large set of DNSKEYs with the same algorithm,
flags and exponent and was able to generate a lot more unique keytags.
Peter is using PowerDNS 'pdnssec add-zone-key' which uses mbedTLS
2.1.0, while I was using dnssec-keygen and ldns-keygen which both used
OpenSSL 0.9.8zg.
It looks like the difference stems from the libraries involved. At least
we can fingerprint the key generators behind the keys used :-)
Not sure if I can find out more, or if this is important. Will keep
looking though.
Thanks
Roy
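The key tag computation Roy describes above (RFC 4034 Appendix B: sum the DNSKEY RDATA as 16-bit words, fold the carry, keep 16 bits), as an added example that is not part of the thread. The code is mine, not PowerDNS's, BIND's or ldns's; the RDATA values in it are constructed for illustration (zero or random moduli, not real RSA keys), and `unique_keytags` only shows the near-uniform spread one would expect from random 2048-bit moduli, which is the expectation Roy states, not the behaviour he observed from OpenSSL 0.9.8zg-generated keys.

```python
import random
import struct


def dnskey_keytag(rdata: bytes) -> int:
    """RFC 4034 Appendix B key tag over the DNSKEY RDATA.

    Even-indexed bytes are the high byte of a 16-bit word, odd-indexed bytes
    the low byte (a trailing odd byte is shifted left by 8). The high 16 bits
    of the 32-bit accumulator are then added to the low 16 bits, and the
    result is masked to 16 bits; the carry of that last addition is dropped.
    """
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if (i & 1) else (b << 8)
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def rsa_public_key_wire(exponent: bytes, modulus: bytes) -> bytes:
    """RFC 3110 RSA public key field: exponent length, exponent, modulus.

    A one-byte length is used when the exponent is shorter than 256 bytes;
    otherwise a zero byte followed by a two-byte big-endian length.
    """
    if len(exponent) < 256:
        length = bytes([len(exponent)])
    else:
        length = b"\x00" + struct.pack(">H", len(exponent))
    return length + exponent + modulus


def dnskey_rdata(flags: int, protocol: int, algorithm: int, public_key: bytes) -> bytes:
    """DNSKEY RDATA: 2-byte flags, 1-byte protocol, 1-byte algorithm, key."""
    return struct.pack(">HBB", flags, protocol, algorithm) + public_key


def ksk_rsasha256_keytag(modulus: bytes, exponent: bytes = b"\x01\x00\x01") -> int:
    """Key tag for a KSK (flags 257), protocol 3, RSASHA256 (algorithm 8)."""
    return dnskey_keytag(dnskey_rdata(257, 3, 8, rsa_public_key_wire(exponent, modulus)))


def unique_keytags(samples: int, seed: int = 1) -> int:
    """Count distinct key tags over `samples` constructed 2048-bit moduli.

    The moduli are random odd numbers with the top bit set (the shape of an
    RSA modulus, not a product of two primes), so this measures only how the
    key tag function spreads uniformly random input, nothing about any
    particular key generator.
    """
    rng = random.Random(seed)  # fixed seed so the result is reproducible
    seen = set()
    for _ in range(samples):
        n = rng.getrandbits(2048) | (1 << 2047) | 1
        seen.add(ksk_rsasha256_keytag(n.to_bytes(256, "big")))
    return len(seen)


if __name__ == "__main__":
    print("key tag of all-zero modulus:", ksk_rsasha256_keytag(b"\x00" * 256))
    print("distinct tags from 100000 random moduli:", unique_keytags(100_000))
```

For a quick sanity check of the fold, 400 bytes of 0xFF give an accumulator of 0x00C7FF38; adding the high half (0xC7) to the low half yields 0xFFFF. With 100000 uniformly random moduli the count of distinct tags lands near the 51000 that a uniform 16-bit distribution predicts for that many draws, far above the roughly 16K Roy reports, which is what makes the observation in this thread worth the fingerprinting remark above.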