MoinQ:

DNSSEC/securityについて、ここに記述してください。

こんなに勉強しなければ、心配で使えないDNSSECとはなんのため、誰のために存在するのだろう。


http://www.isoc.org/isoc/conferences/ndss/10/pdf/17.pdf (論文、コピーあり)

DNSSEC_Security_Evaluation_CS259.pdf (スライド、コピーあり)

A Security Evaluation of DNSSEC with NSEC3.
   Jason Bau. Stanford University. Stanford, CA, USA jbau@stanford.edu.
   John Mitchell. Stanford University. Stanford, CA, USA mitchell@cs.stanford.edu. 

abstract:

Domain Name System Security Extensions (DNSSEC) with
Hashed Authenticated Denial of Existence (NSEC3) is a
protocol slated for adoption by important parts of the
DNS hierarchy, including the root zone, as a solution to
DNS security vulnerabilities such as “cache-poisoning”
attacks. We study the security goals and operation of
DNSSEC/NSEC3 and use Murφ, a finite-state enumera-
tion tool, to analyze its security guarantees and shortcom-
ings.

By checking DNSSEC/NSEC3 security properties in
the presence of a network attacker, we uncover several
weaknesses in the DNSSEC protocol, including incorrect
temporal dependencies in the DNSSEC signature attesta-
tion chain and NSEC3 options that allow a forged name
to be inserted into a DNSSEC domain.

We demonstrate
the exploitability of the NSEC3 vulnerability by a browser
cookie-stealing attack on a realistic laboratory DNSSEC
domain. We offer implementation and configuration advice
which minimize the exploitability of the uncovered vulnera-
bilities. After re-incorporating the advised repairs into the
Murφ DNSSEC model, we demonstrate the updated proto-
col no longer contains vulnerabilities exploitable within our
threat model.