| draft-ietf-dnsext-rfc2539bis-dhk-01.txt | draft-ietf-dnsext-rfc2539bis-dhk-02.txt | |||
|---|---|---|---|---|
| INTERNET-DRAFT Diffie-Hellman Keys in the DNS | INTERNET-DRAFT Diffie-Hellman Keys in the DNS | |||
| OBSOLETES: RFC 2539 Donald Eastlake 3rd | OBSOLETES: RFC 2539 Donald Eastlake 3rd | |||
| Motorola | Motorola | |||
| Expires: May 2002 November 2001 | Expires: November 2002 May 2002 | |||
| Storage of Diffie-Hellman Keys in the Domain Name System (DNS) | Storage of Diffie-Hellman Keys in the Domain Name System (DNS) | |||
| ------- -- -------------- ---- -- --- ------ ---- ------ ----- | ------- -- -------------- ---- -- --- ------ ---- ------ ----- | |||
| <draft-ietf-dnsext-rfc2539bis-dhk-01.txt> | <draft-ietf-dnsext-rfc2539bis-dhk-02.txt> | |||
| Donald E. Eastlake 3rd | Donald E. Eastlake 3rd | |||
| Status of This Document | Status of This Document | |||
| This draft is intended to be become a Draft Standard RFC. | This draft is intended to be become a Draft Standard RFC. | |||
| Distribution of this document is unlimited. Comments should be sent | Distribution of this document is unlimited. Comments should be sent | |||
| to the DNS extensions working group mailing list | to the DNS extensions working group mailing list | |||
| <namedroppers@ops.ietf.org> or to the author. | <namedroppers@ops.ietf.org> or to the author. | |||
| skipping to change at page 4, line 12 | skipping to change at page 4, line 12 | |||
| A.2. Well-Known Group 2: A 1024 bit prime.................8 | A.2. Well-Known Group 2: A 1024 bit prime.................8 | |||
| A.3. Well-Known Group 3: A 1536 bit prime.................9 | A.3. Well-Known Group 3: A 1536 bit prime.................9 | |||
| INTERNET-DRAFT Diffie-Hellman Keys in the DNS | INTERNET-DRAFT Diffie-Hellman Keys in the DNS | |||
| 1. Introduction | 1. Introduction | |||
| The Domain Name System (DNS) is the global hierarchical replicated | The Domain Name System (DNS) is the global hierarchical replicated | |||
| distributed database system for Internet addressing, mail proxy, and | distributed database system for Internet addressing, mail proxy, and | |||
| similar information. The DNS has been extended to include digital | similar information. The DNS has been extended to include digital | |||
| signatures and cryptographic keys as described in [RFC 2535]. Thus | signatures and cryptographic keys as described in [RFC 2535]. | |||
| the DNS can now be secured and used for key distribution. | ||||
| 1.1 About This Document | 1.1 About This Document | |||
| This document describes how to store Diffie-Hellman keys in the DNS. | This document describes how to store Diffie-Hellman keys in the DNS. | |||
| Familiarity with the Diffie-Hellman key exchange algorithm is assumed | Familiarity with the Diffie-Hellman key exchange algorithm is assumed | |||
| [Schneier, RFC 2631]. | [Schneier, RFC 2631]. | |||
| 1.2 About Diffie-Hellman | 1.2 About Diffie-Hellman | |||
| Diffie-Hellman requires two parties to interact to derive keying | Diffie-Hellman requires two parties to interact to derive keying | |||
| skipping to change at page 4, line 41 | skipping to change at page 4, line 40 | |||
| Y = g**j ( mod p ) | Y = g**j ( mod p ) | |||
| They exchange these quantities and then each calculates a Z as | They exchange these quantities and then each calculates a Z as | |||
| follows: | follows: | |||
| Zi = Y**i ( mod p ) | Zi = Y**i ( mod p ) | |||
| Zj = X**j ( mod p ) | Zj = X**j ( mod p ) | |||
| Zi and Zj will both be equal to g**(ij)(mod p) and will be a shared | Zi and Zj will both be equal to g**(i*j)(mod p) and will be a shared | |||
| secret between the two parties that an adversary who does not know i | secret between the two parties that an adversary who does not know i | |||
| or j will not be able to learn from the exchanged messages (unless | or j will not be able to learn from the exchanged messages (unless | |||
| the adversary can derive i or j by performing a discrete logarithm | the adversary can derive i or j by performing a discrete logarithm | |||
| mod p which is hard for strong p and g). | mod p which is hard for strong p and g). | |||
| The private key for each party is their secret i (or j). The public | The private key for each party is their secret i (or j). The public | |||
| key is the pair p and g, which must be the same for the parties, and | key is the pair p and g, which must be the same for the parties, and | |||
| their individual X (or Y). | their individual X (or Y). | |||
| For further information about Diffie-Hellman and precautions to take | For further information about Diffie-Hellman and precautions to take | |||
| skipping to change at page 6, line 41 | skipping to change at page 6, line 41 | |||
| 5. Security Considerations | 5. Security Considerations | |||
| Many of the general security consideration in [RFC 2535] apply. Keys | Many of the general security consideration in [RFC 2535] apply. Keys | |||
| retrieved from the DNS should not be trusted unless (1) they have | retrieved from the DNS should not be trusted unless (1) they have | |||
| been securely obtained from a secure resolver or independently | been securely obtained from a secure resolver or independently | |||
| verified by the user and (2) this secure resolver and secure | verified by the user and (2) this secure resolver and secure | |||
| obtainment or independent verification conform to security policies | obtainment or independent verification conform to security policies | |||
| acceptable to the user. As with all cryptographic algorithms, | acceptable to the user. As with all cryptographic algorithms, | |||
| evaluating the necessary strength of the key is important and | evaluating the necessary strength of the key is important and | |||
| dependent on local policy. | dependent on security policy. | |||
| In addition, the usual Diffie-Hellman key strength considerations | In addition, the usual Diffie-Hellman key strength considerations | |||
| apply. (p-1)/2 should also be prime, g should be primitive mod p, p | apply. (p-1)/2 should also be prime, g should be primitive mod p, p | |||
| should be "large", etc. [RFC 2631, Schneier] | should be "large", etc. [RFC 2631, Schneier] | |||
| INTERNET-DRAFT Diffie-Hellman Keys in the DNS | INTERNET-DRAFT Diffie-Hellman Keys in the DNS | |||
| References | References | |||
| [RFC 1034] - P. Mockapetris, "Domain names - concepts and | [RFC 1034] - P. Mockapetris, "Domain names - concepts and | |||
| skipping to change at page 7, line 31 | skipping to change at page 7, line 31 | |||
| [RFC 2539] - Storage of Diffie-Hellman Keys in the Domain Name System | [RFC 2539] - Storage of Diffie-Hellman Keys in the Domain Name System | |||
| (DNS), D. Eastlake, March 1999, obsoleted by this RFC. | (DNS), D. Eastlake, March 1999, obsoleted by this RFC. | |||
| [RFC 2631] - Diffie-Hellman Key Agreement Method, E. Rescorla, June | [RFC 2631] - Diffie-Hellman Key Agreement Method, E. Rescorla, June | |||
| 1999. | 1999. | |||
| [RFC 2671] - Extension Mechanisms for DNS (EDNS0), P. Vixie, August | [RFC 2671] - Extension Mechanisms for DNS (EDNS0), P. Vixie, August | |||
| 1999. | 1999. | |||
| [Schneier] - Bruce Schneier, "Applied Cryptography: Protocols, | [Schneier] - Bruce Schneier, "Applied Cryptography: Protocols, | |||
| Algorithms, and Source Code in C", 1996, John Wiley and Sons. | Algorithms, and Source Code in C" (Second Edition), 1996, John Wiley | |||
| and Sons. | ||||
| Author's Address | Author's Address | |||
| Donald E. Eastlake 3rd | Donald E. Eastlake 3rd | |||
| Motorola | Motorola | |||
| 155 Beaver Street | 155 Beaver Street | |||
| Milford, MA 01757 USA | Milford, MA 01757 USA | |||
| Telephone: +1-508-261-5434 (w) | Telephone: +1-508-851-8280 (w) | |||
| +1-508-634-2066 (h) | +1-508-634-2066 (h) | |||
| FAX: +1-508-261-4447 (w) | FAX: +1-508-851-8507 (w) | |||
| EMail: Donald.Eastlake@motorola.com | EMail: Donald.Eastlake@motorola.com | |||
| Expiration and File Name | Expiration and File Name | |||
| This draft expires in May 2002. | This draft expires in November 2002. | |||
| Its file name is draft-ietf-dnsext-rfc2539bis-dhk-01.txt. | Its file name is draft-ietf-dnsext-rfc2539bis-dhk-02.txt. | |||
| INTERNET-DRAFT Diffie-Hellman Keys in the DNS | INTERNET-DRAFT Diffie-Hellman Keys in the DNS | |||
| Appendix A: Well known prime/generator pairs | Appendix A: Well known prime/generator pairs | |||
| These numbers are copied from the IPSEC effort where the derivation of | These numbers are copied from the IPSEC effort where the derivation of | |||
| these values is more fully explained and additional information is available. | these values is more fully explained and additional information is available. | |||
| Richard Schroeppel performed all the mathematical and computational | Richard Schroeppel performed all the mathematical and computational | |||
| work for this appendix. | work for this appendix. | |||
| End of changes. | ||||
This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ | ||||