Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Fragmentation considered leaking: Port inference for DNS poisoning

: Shulman, Haya; Waidner, Michael


Boureanu, I.C.:
Applied cryptography and network security. 12th international conference, ACNS 2014 : Lausanne, Switzerland, June 10-13, 2014; Proceedings
Cham: Springer International Publishing, 2014 (Lecture Notes in Computer Science 8479)
ISBN: 978-3-319-07535-8 (Print)
ISBN: 978-3-319-07536-5 (Online)
International Conference on Applied Cryptography and Network Security (ACNS) <12, 2014, Lausanne>
Fraunhofer SIT ()
challenge-response defences; DNS cache poisoning; fragmentation

Internet systems and networks have a long history of attacks by off-path adversaries. An off-path adversary cannot see the traffic exchanged by the legitimate end points, and in the course of an attack it attempts to impersonate some victim by injecting spoofed packets into the communication flow. Such attacks subvert the correctness and availability of Internet services and, among others, were applied for DNS cache poisoning, TCP injections, reflection DDoS attacks. A significant research effort is aimed at hardening client systems against off-path attacks by designing challenge-response defences, whereby random challenges are sent with the request and the responses are validated to echo the corresponding values. In this work we study the security of a standard and widely deployed challenge-response defence port randomisation, and show that off-path attackers can efficiently and stealthily learn the ports selected by end systems. We show how to apply our techniques for DNS cache poisoning. We tested our attacks against standard and patched operating systems and popular DNS resolvers software. Our results motivate speeding up adoption of cryptographic defences for DNS.