DNS based Authentication of Named Entities (DANE)
1. #P25Summit
Because opportunistic STARTTLS isn’t good enough
DNS based Authentication of Named Entities (DANE)
Avinash Kulkarni
Lead Software Engineer, Port25 Solutions Inc.
2. About Me
• Avinash Kulkarni
• Lead Software Developer at Port25 Solutions Inc.
• Work on core PowerMTA features
• Working at Port25 since 2009
3. Growth of STARTTLS
• STARTTLS was introduced in 2002 - encrypts emails during transit
• Slow adoption at first
• After several high-profile email security breaches, adoption took off
4. STARTTLS is great, but…
• Entirely opportunistic
[Diagram: MTA-1 sends EHLO; MTA-2 answers "I support STARTTLS"; STARTTLS fails; MTA-1: "Ok, fallback to unencrypted".]
5. STARTTLS is great, but…
• Susceptible to TLS downgrade attacks
[Diagram: MTA-1 sends EHLO; a MiTM attacker MTA sitting between MTA-1 and MTA-2 answers "No STARTTLS"; MTA-1: "Ok, unencrypted it is", while the attacker's own leg to MTA-2 is encrypted.]
6. STARTTLS is great, but…
• Server certificate validation isn't required
[Diagram: MTA-1 starts STARTTLS with a spoofed MTA-2, which presents a spoof certificate; MTA-1 continues, presumably talking to MTA-2.]
7. Ah, about that certificate validation…
• We could validate certificates using Public Key Infrastructure (PKI)
  • A la HTTPS
  • Accept only certificates signed by trusted Certificate Authorities (CAs)
• But it's not without problems…
  • Too many CAs out there
    - Have to trust them all
  • CAs can be compromised
  • Certificates issued without due diligence on the part of the CA
  • Learning about revoked certificates quickly is difficult
    - Failure to learn about revocation implies the certificate is trusted!
8. And let's not forget…
• SMTP doesn't rely on the CA model
  • MTAs don't ship with a list of trusted root certificates
• So, we need another medium to obtain information about certificates
  • Should be fast
  • Should be secure
  • Easy to deploy
  • Simple to query
9. DNS is a great medium
• Fast, scalable, and widely deployed
• But insecure and susceptible to MiTM attacks
[Diagram: the DNS resolver walks the delegation chain, asking the root zone server, the .com zone server and the example.com zone server for "example.com IN A ?"; a MiTM attacker answers first with "example.com IN A w.x.y.z", the address of the attacker's phishing site, and the resolver accepts it.]
10. DNSSEC – a secure alternative
• Provides origin authentication and integrity checking of DNS records
• Cryptographically verifies DNS records from the root downwards
• Provides visibility into MiTM attacks
[Diagram: the same resolution walk from the root through .com to the example.com zone server; the MiTM attacker's forged answer "example.com IN A w.x.y.z" fails DNSSEC validation and is discarded, and the resolver accepts the signed answer "example.com IN A a.b.c.d" from the example.com zone server.]
11. Back to our original problems with STARTTLS
• How to prevent TLS downgrades
[Diagram: MTA-1 first learns from a DNSSEC-validating DNS resolver that MTA-2 requires STARTTLS; MTA-1 sends EHLO, MTA-2 answers "I support STARTTLS"; when STARTTLS fails, MTA-1 can't fall back to unencrypted delivery.]
12. Back to our original problems with STARTTLS
• How to prevent MiTM attacks
[Diagram: MTA-1 obtains MTA-2's certificate information from a DNSSEC-validating DNS resolver. When a spoofed MTA-2 presents the attacker's certificate on STARTTLS, the certificate mismatches and MTA-1 disconnects; when the real MTA-2 presents its certificate, it matches and the session continues.]
13. That's DANE at work!
• DNS-Based Authentication of Named Entities (DANE)
• Administrators can publish info about their certificates using TLSA records
• Clients can query that info securely via DNSSEC
• Doesn't use the CA model
  - Easily detect spoofed certificates
  - Revoking a certificate is easy – just remove the associated TLSA record
• Avoids security pitfalls in DNS
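As an added example (not code from the talk or from PowerMTA), here is a minimal Python model of the two checks the diagrams above describe: matching MTA-2's certificate chain against TLSA records, and deciding from the DNSSEC state of the MX and TLSA lookups whether MTA-1 may fall back to unencrypted delivery. The function names, the constructed sample "certificates" and the simplified policy table are my assumptions; real DANE-TA verification also needs X.509 path validation, and the SPKI bytes would come from an X.509 library.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class TLSA:
    usage: int     # 2 = DANE-TA (trust anchor), 3 = DANE-EE (end entity)
    selector: int  # 0 = full certificate, 1 = SubjectPublicKeyInfo only
    mtype: int     # 0 = exact data, 1 = SHA-256, 2 = SHA-512
    data: bytes

def usable(r):
    """SMTP DANE clients act only on usages 2 and 3; anything else is 'unusable'."""
    return r.usage in (2, 3) and r.selector in (0, 1) and r.mtype in (0, 1, 2)

def digest(mtype, payload):
    if mtype == 0:
        return payload
    return (hashlib.sha256 if mtype == 1 else hashlib.sha512)(payload).digest()

def record_matches(r, cert_der, spki_der):
    """Compare one certificate (or just its SPKI) against one TLSA record."""
    return digest(r.mtype, cert_der if r.selector == 0 else spki_der) == r.data

def chain_matches(records, chain):
    """chain: [(cert_der, spki_der), ...], leaf first. DANE-EE must match the leaf;
    DANE-TA matches an issuer (simplified assumption: no X.509 path validation)."""
    leaf, issuers = chain[0], chain[1:]
    for r in filter(usable, records):
        if r.usage == 3 and record_matches(r, *leaf):
            return True
        if r.usage == 2 and any(record_matches(r, *c) for c in issuers):
            return True
    return False

def delivery_policy(mx_secure, tlsa_state, records):
    """mx_secure: the MX lookup validated under DNSSEC. tlsa_state: 'secure',
    'nodata', 'insecure' or 'bogus' (assumed labels). Returns MTA-1's decision."""
    if not mx_secure or tlsa_state in ("insecure", "nodata"):
        return "opportunistic"            # no DANE data: STARTTLS if offered, else plaintext
    if tlsa_state == "bogus":
        return "defer"                    # validation failed: don't deliver, retry later
    if not any(usable(r) for r in records):
        return "encrypt-unauthenticated"  # TLSA exists but unusable: TLS required, no auth
    return "dane-required"                # TLS required AND certificate must match a record
# Constructed sample data (not real DER): MTA-2's leaf cert, its issuer, and records.
LEAF = (b"constructed leaf cert DER", b"constructed leaf SPKI DER")
ISSUER = (b"constructed issuer cert DER", b"constructed issuer SPKI DER")
EE_RECORD = TLSA(3, 1, 1, hashlib.sha256(LEAF[1]).digest())     # "3 1 1" DANE-EE
TA_RECORD = TLSA(2, 0, 2, hashlib.sha512(ISSUER[0]).digest())   # "2 0 2" DANE-TA
SPOOF_RECORD = TLSA(3, 0, 1, hashlib.sha256(b"spoof cert").digest())
```

With these records, `chain_matches([EE_RECORD], [LEAF, ISSUER])` is true while a spoofed certificate hashes to something no published record contains, which is the "certificate mismatch, disconnect" branch of slide 12.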
14. That's not all…
• DANE deployment is easy once DNSSEC is in place
• Publishing certificate info scales easily
• Administrators can publish a TLSA record for the signing (issuer) certificate as a trust anchor
• Adoption is growing (from the "Real World DANE" talk at ICANN 61)
  • Primarily in Northern Europe and the USA
  • 5.2 million domains with DNSSEC-validated MX
  • 178,000 domains with DANE SMTP support
  • Examples include gmx.de, web.de, comcast.net
• Feeds a virtuous cycle of driving up DNSSEC adoption
15. Some notes on DANE SMTP
• It's not end-to-end security
  • Only provides a secure, authenticated transmission channel
  • Not an alternative to PGP or S/MIME
• Built on DNSSEC
  • Lack of availability and confidentiality (DNSSEC provides neither)
  • Bigger zone files, larger DNS responses
  • Needs more resources for crypto operations
• An alternative to the use of DNSSEC – DANE-STS – is in the works
  • Uses HTTPS
16. DANE SMTP support in PowerMTA
• Will be part of the PowerMTA 5.0b1 release
• Simple to configure – a per-domain setting to enable/disable outbound DANE
• Compliant with RFC 7672 recommendations for SMTP DANE
• Requires a DNSSEC-validating DNS resolver
Consider enabling both outbound and inbound DANE!