D. J. Bernstein
Internet publication
DNScache

DNS forgery

An attacker with access to your network can easily forge responses to your computer's DNS requests. He can steal your outgoing mail, for example, and intercept your "secure" web transactions.

If you're running a DNS server, an attacker with access to your network can easily forge responses from that DNS server to other people. He can steal your incoming mail, for example, and replace your web pages.

An attacker from anywhere on the Internet, without access to the client network and without access to the server network, can also forge responses, although not so easily. In particular, he has to guess the query time, the DNS ID (16 bits), and the DNS query port (15-16 bits). The dnscache program uses a cryptographic generator for the ID and query port to make them extremely difficult to predict; however, an attacker who makes a few billion random guesses is likely to succeed at least once.
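As an added illustration (not code from dnscache), the following Go program models the two fields a caching resolver compares on an incoming reply, the DNS ID and the query port, and computes how likely a given number of blind random guesses is to pass that comparison at least once, assuming the attacker already has the timing right. The ephemeral port range used, the use of crypto/rand and the function names are assumptions made for this example.

```go
package main

import (
	"crypto/rand"
	"encoding/binary"
	"fmt"
	"math"
)

// outstandingQuery is a constructed model of what a resolver remembers about
// a query it has sent: the 16-bit DNS ID and the source port it used.
type outstandingQuery struct {
	id   uint16
	port uint16
}

// newQuery draws both fields from crypto/rand rather than from a counter, so
// that an off-path attacker cannot predict them from earlier traffic.
// Ports are confined to 1024-65535 (about 16 bits of entropy); this range is
// an assumption of the example, not a dnscache setting.
func newQuery() (outstandingQuery, error) {
	var buf [4]byte
	if _, err := rand.Read(buf[:]); err != nil {
		return outstandingQuery{}, err
	}
	id := binary.BigEndian.Uint16(buf[0:2])
	port := 1024 + binary.BigEndian.Uint16(buf[2:4])%64512
	return outstandingQuery{id: id, port: port}, nil
}

// accept reports whether a reply carrying (id, port) would be matched to this
// query. A reply that misses either field is discarded.
func (q outstandingQuery) accept(id, port uint16) bool {
	return id == q.id && port == q.port
}

// blindForgerySuccess returns the probability that at least one of `guesses`
// uniformly random (id, port) pairs matches a query whose ID and port carry
// idBits + portBits bits of entropy: 1 - (1 - 2^-(idBits+portBits))^guesses.
func blindForgerySuccess(guesses float64, idBits, portBits int) float64 {
	space := math.Pow(2, float64(idBits+portBits))
	return 1 - math.Pow(1-1/space, guesses)
}

func main() {
	q, err := newQuery()
	if err != nil {
		panic(err)
	}
	fmt.Printf("outstanding query: id=%d port=%d\n", q.id, q.port)
	fmt.Println("reply with both fields right accepted:", q.accept(q.id, q.port))
	fmt.Println("reply with wrong ID accepted:         ", q.accept(q.id^1, q.port))
	// How many blind guesses does an off-path attacker need?
	for _, n := range []float64{1e6, 1e9, 3e9} {
		fmt.Printf("%.0e guesses, 16-bit ID + 15-bit port: P(at least one success) = %.3f\n",
			n, blindForgerySuccess(n, 16, 15))
	}
}
```

With a 16-bit ID and a 15-bit port, the search space is 2^31, so about two billion guesses give roughly a 63% chance of a single accepted forgery, which is what the paragraph above means by "a few billion random guesses"; a resolver that used a predictable ID or a fixed port would shrink that space to 2^16 or less.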

Public-key signature systems

Modern cryptography offers a tool to prevent forgeries: a public-key signature system. In short: The signature is a complicated mathematical function of the document and the key.

DNSSEC

DNSSEC is a project to have a central company, Network Solutions, sign all the .com DNS records. Here's the idea, proposed in 1993:

However, as of February 2000, Network Solutions simply isn't doing this. There is no Network Solutions key. There are no Network Solutions signatures. There is no secure channel---in fact, no mechanism at all---for Network Solutions to collect *.com keys in the first place.

DNSSEC is often falsely advertised as a software feature that you can install to protect your computer against DNS forgeries. In fact, installing DNSSEC does nothing to protect you, and it will continue to do nothing for the foreseeable future. I'm not going to bother implementing DNSSEC until I hear a detailed, concrete, credible plan for central DNSSEC deployment.

Even if DNSSEC is someday put into place, it will continue to allow attacks through Network Solutions itself. What happens if a Network Solutions employee is bribed? Are the Network Solutions computers secure? An attacker who breaks into one critical Network Solutions computer will have control over the entire Internet.

Nym-based security

There's another way to use public-key signatures to prevent forgeries. It's simpler and faster than DNSSEC, and it doesn't rely on a central authority.

The disadvantage is that it requires long host names, too long to remember. On the other hand, users seem to find computerized bookmarks a satisfactory solution to the problem of remembering long web addresses. As more and more business is carried out electronically, long host names will become less and less of a problem.

The idea is simply to give each computer a name that includes the computer's nym, a fingerprint of the computer's public key. Other computers then discard DNS records for these names if the records aren't accompanied by signatures under the corresponding public keys.
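The check described in the paragraph above, written out as an added Go example that is not part of the page or of dnscache: a host name whose first label is a fingerprint of the owner's public key, and a verifier that discards any record for such a name unless the presented key hashes to that label and the signature under that key covers the record. The choice of Ed25519, SHA-256, a 20-byte base32 fingerprint, the "nym.example." zone, the record layout and the 192.0.2.x sample addresses are all assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base32"
	"errors"
	"fmt"
	"strings"
)

// nymOf computes the fingerprint that becomes the first label of the host
// name: SHA-256 of the public key, truncated to 20 bytes and base32-encoded
// without padding (32 characters), lower-cased to form a valid DNS label.
// Hash, truncation and encoding are assumptions chosen for this example.
func nymOf(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	enc := base32.StdEncoding.WithPadding(base32.NoPadding)
	return strings.ToLower(enc.EncodeToString(sum[:20]))
}

// nymName builds a name of the form <nym>.<zone> from a public key.
func nymName(pub ed25519.PublicKey, zone string) string {
	return nymOf(pub) + "." + zone
}

// signedRecord is a constructed stand-in for a DNS record together with the
// material a verifier needs: the signer's public key and the signature.
type signedRecord struct {
	Name  string
	Rdata string // kept as text (e.g. an address) for the example
	Pub   ed25519.PublicKey
	Sig   []byte
}

// signingInput fixes what the signature covers: owner name and record data,
// separated by a byte that cannot appear in either.
func signingInput(name, rdata string) []byte {
	return []byte(name + "\x00" + rdata)
}

// signRecord is what the owner of the key does when publishing a record.
func signRecord(priv ed25519.PrivateKey, name, rdata string) signedRecord {
	pub := priv.Public().(ed25519.PublicKey)
	return signedRecord{Name: name, Rdata: rdata, Pub: pub,
		Sig: ed25519.Sign(priv, signingInput(name, rdata))}
}

// verifyNymRecord is the check a nym-aware resolver applies before accepting
// a record for a nym name. No central authority is consulted: the name itself
// commits to the key, and the key authenticates the record.
func verifyNymRecord(rec signedRecord) error {
	parts := strings.SplitN(rec.Name, ".", 2)
	if len(parts) != 2 {
		return errors.New("name has no nym label")
	}
	if len(rec.Pub) != ed25519.PublicKeySize {
		return errors.New("malformed public key")
	}
	if nymOf(rec.Pub) != parts[0] {
		return errors.New("public key does not match nym in name")
	}
	if !ed25519.Verify(rec.Pub, signingInput(rec.Name, rec.Rdata), rec.Sig) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	name := nymName(pub, "nym.example.")
	fmt.Println("host name:     ", name)
	rec := signRecord(priv, name, "192.0.2.1")
	fmt.Println("genuine record:", verifyNymRecord(rec))
	altered := rec
	altered.Rdata = "192.0.2.99" // same key and signature, different data
	fmt.Println("altered rdata: ", verifyNymRecord(altered))
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	other := signRecord(otherPriv, name, "192.0.2.99") // valid signature, wrong key
	fmt.Println("other key:     ", verifyNymRecord(other))
}
```

The two failure cases in main are the ones that matter: a record whose data was changed after signing fails the signature check, and a record correctly signed under some other key fails the fingerprint check, because that key does not hash to the label in the name. The host name is long (32 characters of fingerprint plus the zone), which is exactly the disadvantage the text concedes.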

My top priority for DNScache after version 1.00 is to support nym-based security.