draft-ietf-dnsext-rfc2539bis-dhk-01.txt | draft-ietf-dnsext-rfc2539bis-dhk-02.txt | |||
---|---|---|---|---|

INTERNET-DRAFT Diffie-Hellman Keys in the DNS | INTERNET-DRAFT Diffie-Hellman Keys in the DNS | |||

OBSOLETES: RFC 2539 Donald Eastlake 3rd | OBSOLETES: RFC 2539 Donald Eastlake 3rd | |||

Motorola | Motorola | |||

Expires: May 2002 November 2001 | Expires: November 2002 May 2002 | |||

Storage of Diffie-Hellman Keys in the Domain Name System (DNS) | Storage of Diffie-Hellman Keys in the Domain Name System (DNS) | |||

------- -- -------------- ---- -- --- ------ ---- ------ ----- | ------- -- -------------- ---- -- --- ------ ---- ------ ----- | |||

<draft-ietf-dnsext-rfc2539bis-dhk-01.txt> | <draft-ietf-dnsext-rfc2539bis-dhk-02.txt> | |||

Donald E. Eastlake 3rd | Donald E. Eastlake 3rd | |||

Status of This Document | Status of This Document | |||

This draft is intended to be become a Draft Standard RFC. | This draft is intended to be become a Draft Standard RFC. | |||

Distribution of this document is unlimited. Comments should be sent | Distribution of this document is unlimited. Comments should be sent | |||

to the DNS extensions working group mailing list | to the DNS extensions working group mailing list | |||

<namedroppers@ops.ietf.org> or to the author. | <namedroppers@ops.ietf.org> or to the author. | |||

skipping to change at page 4, line 12 | skipping to change at page 4, line 12 | |||

A.2. Well-Known Group 2: A 1024 bit prime.................8 | A.2. Well-Known Group 2: A 1024 bit prime.................8 | |||

A.3. Well-Known Group 3: A 1536 bit prime.................9 | A.3. Well-Known Group 3: A 1536 bit prime.................9 | |||

INTERNET-DRAFT Diffie-Hellman Keys in the DNS | INTERNET-DRAFT Diffie-Hellman Keys in the DNS | |||

1. Introduction | 1. Introduction | |||

The Domain Name System (DNS) is the global hierarchical replicated | The Domain Name System (DNS) is the global hierarchical replicated | |||

distributed database system for Internet addressing, mail proxy, and | distributed database system for Internet addressing, mail proxy, and | |||

similar information. The DNS has been extended to include digital | similar information. The DNS has been extended to include digital | |||

signatures and cryptographic keys as described in [RFC 2535]. Thus | signatures and cryptographic keys as described in [RFC 2535]. | |||

the DNS can now be secured and used for key distribution. | ||||

1.1 About This Document | 1.1 About This Document | |||

This document describes how to store Diffie-Hellman keys in the DNS. | This document describes how to store Diffie-Hellman keys in the DNS. | |||

Familiarity with the Diffie-Hellman key exchange algorithm is assumed | Familiarity with the Diffie-Hellman key exchange algorithm is assumed | |||

[Schneier, RFC 2631]. | [Schneier, RFC 2631]. | |||

1.2 About Diffie-Hellman | 1.2 About Diffie-Hellman | |||

Diffie-Hellman requires two parties to interact to derive keying | Diffie-Hellman requires two parties to interact to derive keying | |||

skipping to change at page 4, line 41 | skipping to change at page 4, line 40 | |||

Y = g**j ( mod p ) | Y = g**j ( mod p ) | |||

They exchange these quantities and then each calculates a Z as | They exchange these quantities and then each calculates a Z as | |||

follows: | follows: | |||

Zi = Y**i ( mod p ) | Zi = Y**i ( mod p ) | |||

Zj = X**j ( mod p ) | Zj = X**j ( mod p ) | |||

Zi and Zj will both be equal to g**(ij)(mod p) and will be a shared | Zi and Zj will both be equal to g**(i*j)(mod p) and will be a shared | |||

secret between the two parties that an adversary who does not know i | secret between the two parties that an adversary who does not know i | |||

or j will not be able to learn from the exchanged messages (unless | or j will not be able to learn from the exchanged messages (unless | |||

the adversary can derive i or j by performing a discrete logarithm | the adversary can derive i or j by performing a discrete logarithm | |||

mod p which is hard for strong p and g). | mod p which is hard for strong p and g). | |||

The private key for each party is their secret i (or j). The public | The private key for each party is their secret i (or j). The public | |||

key is the pair p and g, which must be the same for the parties, and | key is the pair p and g, which must be the same for the parties, and | |||

their individual X (or Y). | their individual X (or Y). | |||

For further information about Diffie-Hellman and precautions to take | For further information about Diffie-Hellman and precautions to take | |||

skipping to change at page 6, line 41 | skipping to change at page 6, line 41 | |||

5. Security Considerations | 5. Security Considerations | |||

Many of the general security consideration in [RFC 2535] apply. Keys | Many of the general security consideration in [RFC 2535] apply. Keys | |||

retrieved from the DNS should not be trusted unless (1) they have | retrieved from the DNS should not be trusted unless (1) they have | |||

been securely obtained from a secure resolver or independently | been securely obtained from a secure resolver or independently | |||

verified by the user and (2) this secure resolver and secure | verified by the user and (2) this secure resolver and secure | |||

obtainment or independent verification conform to security policies | obtainment or independent verification conform to security policies | |||

acceptable to the user. As with all cryptographic algorithms, | acceptable to the user. As with all cryptographic algorithms, | |||

evaluating the necessary strength of the key is important and | evaluating the necessary strength of the key is important and | |||

dependent on local policy. | dependent on security policy. | |||

In addition, the usual Diffie-Hellman key strength considerations | In addition, the usual Diffie-Hellman key strength considerations | |||

apply. (p-1)/2 should also be prime, g should be primitive mod p, p | apply. (p-1)/2 should also be prime, g should be primitive mod p, p | |||

should be "large", etc. [RFC 2631, Schneier] | should be "large", etc. [RFC 2631, Schneier] | |||

INTERNET-DRAFT Diffie-Hellman Keys in the DNS | INTERNET-DRAFT Diffie-Hellman Keys in the DNS | |||

References | References | |||

[RFC 1034] - P. Mockapetris, "Domain names - concepts and | [RFC 1034] - P. Mockapetris, "Domain names - concepts and | |||

skipping to change at page 7, line 31 | skipping to change at page 7, line 31 | |||

[RFC 2539] - Storage of Diffie-Hellman Keys in the Domain Name System | [RFC 2539] - Storage of Diffie-Hellman Keys in the Domain Name System | |||

(DNS), D. Eastlake, March 1999, obsoleted by this RFC. | (DNS), D. Eastlake, March 1999, obsoleted by this RFC. | |||

[RFC 2631] - Diffie-Hellman Key Agreement Method, E. Rescorla, June | [RFC 2631] - Diffie-Hellman Key Agreement Method, E. Rescorla, June | |||

1999. | 1999. | |||

[RFC 2671] - Extension Mechanisms for DNS (EDNS0), P. Vixie, August | [RFC 2671] - Extension Mechanisms for DNS (EDNS0), P. Vixie, August | |||

1999. | 1999. | |||

[Schneier] - Bruce Schneier, "Applied Cryptography: Protocols, | [Schneier] - Bruce Schneier, "Applied Cryptography: Protocols, | |||

Algorithms, and Source Code in C", 1996, John Wiley and Sons. | Algorithms, and Source Code in C" (Second Edition), 1996, John Wiley | |||

and Sons. | ||||

Author's Address | Author's Address | |||

Donald E. Eastlake 3rd | Donald E. Eastlake 3rd | |||

Motorola | Motorola | |||

155 Beaver Street | 155 Beaver Street | |||

Milford, MA 01757 USA | Milford, MA 01757 USA | |||

Telephone: +1-508-261-5434 (w) | Telephone: +1-508-851-8280 (w) | |||

+1-508-634-2066 (h) | +1-508-634-2066 (h) | |||

FAX: +1-508-261-4447 (w) | FAX: +1-508-851-8507 (w) | |||

EMail: Donald.Eastlake@motorola.com | EMail: Donald.Eastlake@motorola.com | |||

Expiration and File Name | Expiration and File Name | |||

This draft expires in May 2002. | This draft expires in November 2002. | |||

Its file name is draft-ietf-dnsext-rfc2539bis-dhk-01.txt. | Its file name is draft-ietf-dnsext-rfc2539bis-dhk-02.txt. | |||

INTERNET-DRAFT Diffie-Hellman Keys in the DNS | INTERNET-DRAFT Diffie-Hellman Keys in the DNS | |||

Appendix A: Well known prime/generator pairs | Appendix A: Well known prime/generator pairs | |||

These numbers are copied from the IPSEC effort where the derivation of | These numbers are copied from the IPSEC effort where the derivation of | |||

these values is more fully explained and additional information is available. | these values is more fully explained and additional information is available. | |||

Richard Schroeppel performed all the mathematical and computational | Richard Schroeppel performed all the mathematical and computational | |||

work for this appendix. | work for this appendix. | |||

End of changes. | ||||

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ |