Domain Name System Security Extensions (DNSSEC) and Hashed Authenticated Denial of Existence (NSEC3) are slated for adoption by important parts of the DNS hierarchy, including the root zone, as a solution to vulnerabilities such as "cache-poisoning" attacks. We study the security goals and operation of DNSSEC/NSEC3 using Murφ, a finite-state enumeration tool, to analyze security properties that may be relevant to various deployment scenarios. Our systematic study reveals several subtleties and potential pitfalls that can be avoided by proper configuration choices, including resource records that may remain valid after the expiration of relevant signatures and potential insertion of forged names into a DNSSEC-enabled domain via the opt-out option. We demonstrate the exploitability of DNSSEC opt-out options in an enterprise setting by constructing a browser cookie-stealing attack on a laboratory domain. Under recommended configuration settings, further Murφ model checking finds no vulnerabilities within our threat model, suggesting that DNSSEC with NSEC3 provides significant security benefits.