Bind and ZSK-Rollovers: Changing salt automatically?
Carsten Strotmann
cas at strotmann.de
Fri Jul 25 11:31:53 UTC 2014
Hello Mark,
Mark Andrews <marka at isc.org> writes:
> Actually it is useless to change the salt regularly. Changing the
> salt provides no real benefit against discovering the names in a
> zone which is the reason people were saying to change the salt.
>
> The attacker uses cached NSEC3 records. When it gets a cache miss
> it asks the servers for the zone, puts the answer in the cache and
> continues. When the salt changes it just maintains multiple nsec3
> chains eventually discarding the old nsec3 chain eventually. I
> would wait until the new NSEC3 chain has as many cached records as
> the old NSEC3 chain. Changing the salt slows things up minimally
> for a very short period of time after the change. Additionally
> once you have some names you ask for those names for a non-existing
> type to quickly pull in part of the new NSEC3 chain you know exists.
>
> The only reason to change the salt is if you have a collision of
> the hashed names. This will be a very very very rare event.
>
this is new to me (I must somehow have missed it if this was previously
discussed). I do not want to give useless or misguiding advice.
I do not understand how the NSEC3 hash can be defeated by an
attacker. Could you give a link to additional information or could you
explain the issue with NSEC3 salt in other words?
Best regards
Carsten
--
Carsten Strotmann
Email: cas at strotmann.de
Blog: strotmann.de
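Added example (not part of this thread, and not code from Mark or Carsten): the NSEC3 owner-name hash from RFC 5155 section 5 in Python, used to illustrate the point made above, namely that a salt change only moves each name to a new, directly computable position in the chain. For a zone operator this is the cost a new salt imposes on anyone who already holds a name: one SHA-1 iteration chain per known name, so the salt is not a confidentiality control. The test vector (owner "example", salt aabbccdd, 12 iterations) is the one from RFC 5155 Appendix A; the helper names `name_to_wire`, `nsec3_hash` and `positions_after_salt_change` are my own.

```python
import base64
import hashlib

# Base32 with the "Extended Hex" alphabet (RFC 4648 section 7), which RFC 5155
# uses for NSEC3 owner names; built by translating Python's standard base32 output.
_B32HEX = bytes.maketrans(b"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                          b"0123456789ABCDEFGHIJKLMNOPQRSTUV")


def name_to_wire(name: str) -> bytes:
    """Canonical (lower-cased, uncompressed) wire format of a domain name."""
    labels = [lab for lab in name.lower().rstrip(".").split(".") if lab]
    out = b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels)
    return out + b"\x00"  # root label terminates the name


def nsec3_hash(name: str, salt_hex: str, iterations: int) -> str:
    """RFC 5155 section 5: H(x) = SHA-1(x || salt), re-applied `iterations` times.

    `salt_hex` uses the NSEC3PARAM presentation format: hex string, or "-" for no salt.
    Returns the 32-character base32hex owner label, lower-cased.
    """
    salt = b"" if salt_hex == "-" else bytes.fromhex(salt_hex)
    digest = hashlib.sha1(name_to_wire(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base64.b32encode(digest).translate(_B32HEX).decode("ascii").lower()


def positions_after_salt_change(known_names, old_salt_hex, new_salt_hex, iterations):
    """Map each already-known name to its owner label under the old and the new salt.

    Every entry in the result is obtained without any query: holding the name is
    enough to locate it in the new chain, which is why rotating the salt does not
    undo earlier name discovery.
    """
    return {
        n: (nsec3_hash(n, old_salt_hex, iterations),
            nsec3_hash(n, new_salt_hex, iterations))
        for n in known_names
    }


if __name__ == "__main__":
    # Constructed sample: names from the RFC 5155 example zone, old salt from the
    # RFC, new salt chosen arbitrarily for the illustration.
    sample = ["example", "ns1.example", "a.example"]
    for name, (old, new) in positions_after_salt_change(sample, "aabbccdd", "0102030405", 12).items():
        print(f"{name:12s} old={old} new={new}")
```

Note that `nsec3_hash` accepts both "example" and "example." and lower-cases labels, matching the canonical form RFC 5155 requires before hashing; a name that differs only in case yields the same label, which is the behaviour a validator depends on.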