[dns-operations] [Ext] Re: help with a resolution

Warren Kumari warren at kumari.net
Thu Jan 9 00:12:09 UTC 2020


On Wed, Jan 8, 2020 at 6:47 PM Viktor Dukhovni <ietf-dane at dukhovni.org> wrote:
>
> On Wed, Jan 08, 2020 at 06:00:06PM -0500, Viktor Dukhovni wrote:
>
> > Well, there are various services where indeed the zone administrator signs
> > records from authenticated, but otherwise untrusted customers, provided
> > the RR owner is associated with the customer.
> >
> > For example, the .DE zone (which uses algorithm 8, so not subject to
> > any SHA-1 issues) allows registrants that only need a handful of
> > DNS records to have those records published directly in the .DE
> > zone, without delegation.
> >
> > Other zones may make similar arrangements.
>
> Or more simply, when Let's Encrypt, or some cloud provider asks you to
> publish a TXT RR in your zone to prove zone control, how sure are you
> that's not a hash collision in disguise?

It **could** be, but I'm still failing to see how they could use this
-- LE asks me to publish:

_acme-challenge.example.com 600 IN TXT "I_like_Cheese" in my zone, and
I sign it.

LE asks Bob to publish:
_acme-challenge.example.net 600 IN TXT "I_like_Natchos" in his zone,
and Bob signs it.

I_like_Cheese and I_like_Natchos hash to the same output - 0x12345,
and both Bob and I have signed it (actually, what gets signed is the
concatenation of the RRSIG RDATA and the RRset, and so LE doesn't
really get to choose the prefix, but let's ignore that).

Now the attacker (LE) has gotten both Bob and me to sign this, and when
someone queries for _acme-challenge.example.com LE could inject
"I_like_Natchos" instead of "I_like_Cheese" -- but both of these
strings were messages under the attacker's control anyway. Yes, I feel
that there *might* be a way that this can be pivoted into something
useful to the attacker, but I'm still not seeing it...

W


> --
>     Viktor.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
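The parenthetical above ("what gets signed is the concatenation of the RRSIG RDATA and the RRset") is easy to check concretely. The following is an added example, not code from this thread or from any of the participants: it builds the exact byte string a DNSSEC signer hashes for a single-record TXT RRset, following RFC 4034 section 3.1.8.1 (RRSIG RDATA with the Signature field omitted, followed by the RRs in canonical form and canonical order), and reports where the challenge token LE supplied actually lands inside it. The owner names, TTL, key tags and RRSIG timestamps are constructed sample values; the two token strings are the ones used in the message above.

```python
import hashlib
import struct

# RR type and class codes (RFC 1035, RFC 4034).
TYPE_TXT = 16
CLASS_IN = 1
RR_FIXED_HEADER = 10  # TYPE(2) + CLASS(2) + TTL(4) + RDLENGTH(2)


def name_to_wire(name: str) -> bytes:
    """Canonical wire form of a domain name (RFC 4034 s6.2): lowercased, uncompressed."""
    name = name.rstrip(".").lower()
    out = b""
    if name:
        for label in name.split("."):
            raw = label.encode("ascii")
            if not 1 <= len(raw) <= 63:
                raise ValueError("label length must be 1..63")
            out += bytes([len(raw)]) + raw
    return out + b"\x00"


def txt_rdata(strings) -> bytes:
    """TXT RDATA: one or more <character-string>s, each prefixed by a length byte."""
    out = b""
    for s in strings:
        raw = s.encode("ascii")
        if len(raw) > 255:
            raise ValueError("character-string longer than 255 octets")
        out += bytes([len(raw)]) + raw
    return out


def rrsig_rdata_without_signature(type_covered, algorithm, labels, orig_ttl,
                                  expiration, inception, key_tag, signer) -> bytes:
    """RRSIG RDATA minus the Signature field, the first thing that gets hashed."""
    return struct.pack("!HBBIIIH", type_covered, algorithm, labels, orig_ttl,
                       expiration, inception, key_tag) + name_to_wire(signer)


def canonical_rr(owner, rrtype, ttl, rdata) -> bytes:
    """One RR in canonical form: owner | type | class | original TTL | rdlength | rdata."""
    return name_to_wire(owner) + struct.pack("!HHIH", rrtype, CLASS_IN, ttl, len(rdata)) + rdata


def signed_data(owner, ttl, strings, signer, key_tag, inception, expiration, algorithm=8):
    """The bytes the zone's private key signs for a single-RR TXT RRset.

    Zone-controlled fields (RRSIG header, signer name, owner name, TTL) all
    precede the attacker-supplied TXT payload.
    """
    labels = len(owner.rstrip(".").split("."))  # no wildcard, so just the label count
    rrsig = rrsig_rdata_without_signature(TYPE_TXT, algorithm, labels, ttl,
                                          expiration, inception, key_tag, signer)
    rrs = sorted([canonical_rr(owner, TYPE_TXT, ttl, txt_rdata(strings))])  # canonical order
    return rrsig + b"".join(rrs)


def payload_offset(owner, signer) -> int:
    """Byte offset at which the first TXT character-string body starts."""
    rrsig_len = 18 + len(name_to_wire(signer))   # fixed RRSIG fields are 18 octets
    return rrsig_len + len(name_to_wire(owner)) + RR_FIXED_HEADER + 1  # +1 length byte


def signer_context(owner, ttl, strings, signer, key_tag, inception, expiration) -> bytes:
    """Everything in the signed data except the attacker-chosen token itself."""
    data = signed_data(owner, ttl, strings, signer, key_tag, inception, expiration)
    start = payload_offset(owner, signer)
    end = start + len(strings[0].encode("ascii"))
    return data[:start] + data[end:]


def digest_hex(data: bytes) -> str:
    """Algorithm 8 is RSA/SHA-256, so this is the digest the signer actually signs over."""
    return hashlib.sha256(data).hexdigest()


# Constructed sample values for the two zones in the thread.
ALICE = dict(owner="_acme-challenge.example.com", ttl=600, strings=["I_like_Cheese"],
             signer="example.com", key_tag=12345, inception=1578441600, expiration=1580256000)
BOB = dict(owner="_acme-challenge.example.net", ttl=600, strings=["I_like_Natchos"],
           signer="example.net", key_tag=54321, inception=1578355200, expiration=1580169600)

if __name__ == "__main__":
    for who, z in (("Alice", ALICE), ("Bob", BOB)):
        d = signed_data(**z)
        print(f"{who}: {len(d)} bytes signed, token starts at offset "
              f"{payload_offset(z['owner'], z['signer'])}, sha256={digest_hex(d)}")
```

Running it shows the token is neither the start nor the whole of the signed message: for Alice it begins 71 bytes in, after the type-covered/algorithm/labels/TTL/expiration/inception/key-tag fields, the signer name, the owner name and the RR header, and `signer_context` differs between the two zones. A collision found on the bare strings therefore does not carry over to the signed data, which is the point behind "LE doesn't really get to choose the prefix".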
