Analysis of Threats Motivating DomainKeys Identified Mail (DKIM)
RFC 4686

Document type: RFC - Informational (September 2006; no errata)
Last updated: 2013-03-02
Replaces: draft-fenton-dkim-threats
Stream: IETF
IESG state: RFC 4686 (Informational)
Responsible AD: Russ Housley

Network Working Group                                          J. Fenton
Request for Comments: 4686                           Cisco Systems, Inc.
Category: Informational                                   September 2006

    Analysis of Threats Motivating DomainKeys Identified Mail (DKIM)

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document provides an analysis of some threats against Internet
   mail that are intended to be addressed by signature-based mail
   authentication, in particular DomainKeys Identified Mail.  It
   discusses the nature and location of the bad actors, what their
   capabilities are, and what they intend to accomplish via their
   attacks.

Fenton                       Informational                      [Page 1]
RFC 4686                  DKIM Threat Analysis            September 2006

Table of Contents

   1. Introduction ....................................................3
      1.1. Terminology and Model ......................................3
      1.2. Document Structure .........................................5
   2. The Bad Actors ..................................................6
      2.1. Characteristics ............................................6
      2.2. Capabilities ...............................................6
      2.3. Location ...................................................8
           2.3.1. Externally-Located Bad Actors .......................8
           2.3.2. Within Claimed Originator's Administrative Unit .....8
           2.3.3. Within Recipient's Administrative Unit ..............9
   3. Representative Bad Acts .........................................9
      3.1. Use of Arbitrary Identities ................................9
      3.2. Use of Specific Identities ................................10
           3.2.1. Exploitation of Social Relationships ...............10
           3.2.2. Identity-Related Fraud .............................11
           3.2.3. Reputation Attacks .................................11
           3.2.4. Reflection Attacks .................................11
   4. Attacks on Message Signing .....................................12
      4.1. Attacks against Message Signatures ........................12
           4.1.1. Theft of Private Key for Domain ....................13
           4.1.2. Theft of Delegated Private Key .....................13
           4.1.3. Private Key Recovery via Side Channel Attack .......14
           4.1.4. Chosen Message Replay ..............................14
           4.1.5. Signed Message Replay ..............................16
           4.1.6. Denial-of-Service Attack against Verifier ..........16
           4.1.7. Denial-of-Service Attack against Key Service .......17
           4.1.8. Canonicalization Abuse .............................17
           4.1.9. Body Length Limit Abuse ............................17
           4.1.10. Use of Revoked Key ................................18
           4.1.11. Compromise of Key Server ..........................18
           4.1.12. Falsification of Key Service Replies ..............19
           4.1.13. Publication of Malformed Key Records
                   and/or Signatures .................................19
           4.1.14. Cryptographic Weaknesses in Signature Generation ..20
           4.1.15. Display Name Abuse ................................21
           4.1.16. Compromised System within Originator's Network ....21
           4.1.17. Verification Probe Attack .........................21
           4.1.18. Key Publication by Higher-Level Domain ............22
      4.2. Attacks against Message Signing Practices .................23
           4.2.1. Look-Alike Domain Names ............................23
           4.2.2. Internationalized Domain Name Abuse ................23
           4.2.3. Denial-of-Service Attack against Signing
                  Practices ..........................................24
           4.2.4. Use of Multiple From Addresses .....................24
           4.2.5. Abuse of Third-Party Signatures ....................24
           4.2.6. Falsification of Sender Signing Practices Replies ..25

      4.3. Other Attacks .............................................25
           4.3.1. Packet Amplification Attacks via DNS ...............25
   5. Derived Requirements ...........................................26
   6. Security Considerations ........................................26