Diff: draft-ietf-dnsext-dnssec-gost-06.txt - draft-ietf-dnsext-dnssec-gost-07.txt

	< draft-ietf-dnsext-dnssec-gost-06.txt	draft-ietf-dnsext-dnssec-gost-07.txt >
	DNS Extensions working group V.Dolmatov, Ed.	DNS Extensions working group V.Dolmatov, Ed.
	Internet-Draft Cryptocom Ltd.	Internet-Draft Cryptocom Ltd.

	Intended status: Standards Track December 12, 2009	Intended status: Standards Track March 06, 2010
	Expires: June 12, 2010	Expires: September 06, 2010

	Use of GOST signature algorithms in DNSKEY and RRSIG Resource Records	Use of GOST signature algorithms in DNSKEY and RRSIG Resource Records
	for DNSSEC	for DNSSEC

	draft-ietf-dnsext-dnssec-gost-06	draft-ietf-dnsext-dnssec-gost-07

	Status of this Memo	Status of this Memo

	This Internet-Draft is submitted to IETF in full conformance with the	This Internet-Draft is submitted to IETF in full conformance with the
	provisions of BCP 78 and BCP 79.	provisions of BCP 78 and BCP 79.

	Internet-Drafts are working documents of the Internet Engineering	Internet-Drafts are working documents of the Internet Engineering
	Task Force (IETF), its areas, and its working groups. Note that	Task Force (IETF), its areas, and its working groups. Note that
	other groups may also distribute working documents as Internet-	other groups may also distribute working documents as Internet-
	Drafts.	Drafts.

	skipping to change at page 1, line 32 ¶	skipping to change at page 1, line 32 ¶
	and may be updated, replaced, or obsoleted by other documents at any	and may be updated, replaced, or obsoleted by other documents at any
	time. It is inappropriate to use Internet-Drafts as reference	time. It is inappropriate to use Internet-Drafts as reference
	material or to cite them other than as "work in progress."	material or to cite them other than as "work in progress."

	The list of current Internet-Drafts can be accessed at	The list of current Internet-Drafts can be accessed at
	http://www.ietf.org/ietf/1id-abstracts.txt.	http://www.ietf.org/ietf/1id-abstracts.txt.

	The list of Internet-Draft Shadow Directories can be accessed at	The list of Internet-Draft Shadow Directories can be accessed at
	http://www.ietf.org/shadow.html.	http://www.ietf.org/shadow.html.


	This Internet-Draft will expire on June 12 2010.	This Internet-Draft will expire on September 06 2010.

	Copyright Notice	Copyright Notice

	Copyright (c) 2009 IETF Trust and the persons identified as the	Copyright (c) 2009 IETF Trust and the persons identified as the
	document authors. All rights reserved.	document authors. All rights reserved.

	This document is subject to BCP 78 and the IETF Trust's Legal	This document is subject to BCP 78 and the IETF Trust's Legal

	Provisions Relating to IETF Documents in effect on the date of	Provisions Relating to IETF Documents
	publication of this document (http://trustee.ietf.org/license-info).	(http://trustee.ietf.org/license-info) in effect on the date of
	Please review these documents carefully, as they describe your rights	publication of this document. Please review these documents
	and restrictions with respect to this document.	carefully, as they describe your rights and restrictions with
		respect to this document. Code Components extracted from this
		document must include Simplified BSD License text as described in
		Section 4.e of the Trust Legal Provisions and are provided without
		warranty as described in the Simplified BSD License.

	Abstract	Abstract

	This document describes how to produce signature and hash using	This document describes how to produce signature and hash using

	GOST algorithms [DRAFT1, DRAFT2, DRAFT3] for DNSKEY, RRSIG and DS	GOST (R 34.10-2001, R 34.11-94) algorithms foor DNSKEY, RRSIG and DS
	resource records for use in the Domain Name System Security	resource records for use in the Domain Name System Security

	Extensions (DNSSEC, RFC 4033, RFC 4034, and RFC 4035).	Extensions (DNSSEC).

	Table of Contents	Table of Contents

	1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2	1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
	2. DNSKEY Resource Records . . . . . . . . . . . . . . . . . . . . 3	2. DNSKEY Resource Records . . . . . . . . . . . . . . . . . . . . 3
	2.1. Using a public key with existing cryptographic libraries. . 3	2.1. Using a public key with existing cryptographic libraries. . 3
	2.2. GOST DNSKEY RR Example . . . . . . . . . . . . . . . . . . 3	2.2. GOST DNSKEY RR Example . . . . . . . . . . . . . . . . . . 3
	3. RRSIG Resource Records . . . . . . . . . . . . . . . . . . . . 4	3. RRSIG Resource Records . . . . . . . . . . . . . . . . . . . . 4
	3.1 RRSIG RR Example . . . . . . . . . . . . . . . . . . . . . . 4	3.1 RRSIG RR Example . . . . . . . . . . . . . . . . . . . . . . 4
	4. DS Resource Records . . . . . . . . . . . . . . . . . . . . . . 5	4. DS Resource Records . . . . . . . . . . . . . . . . . . . . . . 5

	skipping to change at page 2, line 52 ¶	skipping to change at page 2, line 52 ¶
	document extends that list with the signature and hash algorithms	document extends that list with the signature and hash algorithms
	GOST [GOST3410, GOST3411],	GOST [GOST3410, GOST3411],
	and specifies how to store DNSKEY data and how to produce	and specifies how to store DNSKEY data and how to produce
	RRSIG resource records with these hash algorithms.	RRSIG resource records with these hash algorithms.

	Familiarity with DNSSEC and GOST signature and hash	Familiarity with DNSSEC and GOST signature and hash
	algorithms is assumed in this document.	algorithms is assumed in this document.

	The term "GOST" is not officially defined, but is usually used to	The term "GOST" is not officially defined, but is usually used to
	refer to the collection of the Russian cryptographic algorithms	refer to the collection of the Russian cryptographic algorithms

	GOST R 34.10-2001, GOST R 34.11-94, GOST 28147-89.	GOST R 34.10-2001[DRAFT1], GOST R 34.11-94[DRAFT2],
		GOST 28147-89[DRAFT3].
	Since GOST 28147-89 is not used in DNSSEC, "GOST" will only refer to	Since GOST 28147-89 is not used in DNSSEC, "GOST" will only refer to
	the GOST R 34.10-2001 and GOST R 34.11-94 in this document.	the GOST R 34.10-2001 and GOST R 34.11-94 in this document.

	The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",	The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
	"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this	"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
	document are to be interpreted as described in [RFC2119].	document are to be interpreted as described in [RFC2119].

	2. DNSKEY Resource Records	2. DNSKEY Resource Records

	The format of the DNSKEY RR can be found in RFC 4034 [RFC4034].	The format of the DNSKEY RR can be found in RFC 4034 [RFC4034].

	skipping to change at page 3, line 52 ¶	skipping to change at page 3, line 52 ¶
	0x12 0x06 0x07 0x2a 0x85 0x03 0x02 0x02 0x23 0x01 0x06 0x07 0x2a	0x12 0x06 0x07 0x2a 0x85 0x03 0x02 0x02 0x23 0x01 0x06 0x07 0x2a
	0x85 0x03 0x02 0x02 0x1e 0x01 0x03 0x43 0x00 0x04 0x40	0x85 0x03 0x02 0x02 0x1e 0x01 0x03 0x43 0x00 0x04 0x40

	2.2. GOST DNSKEY RR Example	2.2. GOST DNSKEY RR Example

	Given a private key with the following value (the value of GostAsn1	Given a private key with the following value (the value of GostAsn1
	field is split here into two lines to simplify reading; in the	field is split here into two lines to simplify reading; in the
	private key file it must be in one line):	private key file it must be in one line):

	Private-key-format: v1.2	Private-key-format: v1.2

	Algorithm: {TBA1} (GOST)	Algorithm: {TBA1} (ECC-GOST)
	GostAsn1: MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgp9c	GostAsn1: MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgp9c
	t2LQaNS1vMKPLEN9zHYjLPNMIQN6QB9vt3AghZFA=	t2LQaNS1vMKPLEN9zHYjLPNMIQN6QB9vt3AghZFA=
	The following DNSKEY RR stores a DNS zone key for example.net	The following DNSKEY RR stores a DNS zone key for example.net

	example.net. 86400 IN DNSKEY 256 3 {TBA1} (	example.net. 86400 IN DNSKEY 256 3 {TBA1} (
	GtTJjmZKUXV+lHLG/6crB6RCR+EJR51Islpa	GtTJjmZKUXV+lHLG/6crB6RCR+EJR51Islpa
	6FqfT0MUfKhSn1yAo92+LJ0GDssTiAnj0H0I	6FqfT0MUfKhSn1yAo92+LJ0GDssTiAnj0H0I
	9Jrfial/yyc5Og==	9Jrfial/yyc5Og==
	) ; key id = 10805	) ; key id = 10805


	skipping to change at page 5, line 4 ¶	skipping to change at page 5, line 4 ¶
	Setting the inception date to 2000-01-01 00:00:00 UTC and the	Setting the inception date to 2000-01-01 00:00:00 UTC and the
	expiration date to 2030-01-01 00:00:00 UTC, the following signature	expiration date to 2030-01-01 00:00:00 UTC, the following signature
	should be created (assuming {TBA1}==249 until proper code is	should be created (assuming {TBA1}==249 until proper code is
	assigned by IANA)	assigned by IANA)

	www.example.net. 3600 IN RRSIG A {TBA1} 3 3600 20300101000000 (	www.example.net. 3600 IN RRSIG A {TBA1} 3 3600 20300101000000 (
	20000101000000 10805 example.net.	20000101000000 10805 example.net.
	k3m0r5bm6kFQmcRlHshY3jIj7KL6KTUsPIAp	k3m0r5bm6kFQmcRlHshY3jIj7KL6KTUsPIAp
	Vy466khKuWEUoVvSkqI+9tvMQySQgZcEmS0W	Vy466khKuWEUoVvSkqI+9tvMQySQgZcEmS0W
	HRFSm0XS5YST5g== )	HRFSm0XS5YST5g== )

	Note: Several GOST signatures calculated for the same message text	Note: Several ECC-GOST signatures calculated for the same message text
	differ because of using of a random element is used in signature	will differ because of using of a random element is used in signature
	generation process.	generation process.

	4. DS Resource Records	4. DS Resource Records

	GOST R 34.11-94 digest algorithm is denoted in DS RRs by the digest	GOST R 34.11-94 digest algorithm is denoted in DS RRs by the digest
	type {TBA2}.The wire format of a digest value is compatible with	type {TBA2}.The wire format of a digest value is compatible with
	RFC4490 [RFC4490], that is digest is in little-endian representation.	RFC4490 [RFC4490], that is digest is in little-endian representation.

	The digest MUST always be calculated with GOST R 34.11-94 parameters	The digest MUST always be calculated with GOST R 34.11-94 parameters
	identified by id-GostR3411-94-CryptoProParamSet [RFC4357].	identified by id-GostR3411-94-CryptoProParamSet [RFC4357].


	skipping to change at page 5, line 55 ¶	skipping to change at page 5, line 55 ¶

	5.3. Digest Sizes	5.3. Digest Sizes

	According to the GOST R 34.11-94 [GOST3411], the size of a GOST	According to the GOST R 34.11-94 [GOST3411], the size of a GOST
	digest is 256 bits.	digest is 256 bits.

	6. Implementation Considerations	6. Implementation Considerations

	6.1. Support for GOST signatures	6.1. Support for GOST signatures


	DNSSEC aware implementations SHOULD be able to support RRSIG and	DNSSEC aware implementations MAY be able to support RRSIG and
	DNSKEY resource records created with the GOST algorithms as	DNSKEY resource records created with the GOST algorithms as
	defined in this document.	defined in this document.

	6.2. Support for NSEC3 Denial of Existence	6.2. Support for NSEC3 Denial of Existence


	Any DNSSEC-GOST implementation is required to have either NSEC or	Any DNSSEC-GOST implementation MUST support both NSEC[RFC4035] and
	NSEC3 support.	NSEC3 [RFC5155]

	6.3 Byte order	6.3 Byte order

	Due to the fact that all existing industry implementations of GOST	Due to the fact that all existing industry implementations of GOST

	cryptographic libraries are returning GOST blobs in little-endian	cryptographic libraries are returning GOST blobs without
	format and in order to avoid the necessity for DNSSEC developers	transformation from little-endian format and in order to avoid the
	to handle different cryptographic algorithms differently, it was	necessity for DNSSEC developers to handle different cryptographic
	chosen to send these blobs on the wire "as is" without	algorithms differently, it was chosen to send these blobs on the
	transformation of endianness.	wire "as is" without transformation of endianness.

	7. Security considerations	7. Security considerations

	Currently, the cryptographic resistance of the GOST 34.10-2001	Currently, the cryptographic resistance of the GOST 34.10-2001
	digital signature algorithm is estimated as 2**128 operations	digital signature algorithm is estimated as 2**128 operations
	of multiple elliptic curve point computations on prime modulus	of multiple elliptic curve point computations on prime modulus
	of order 2**256.	of order 2**256.

	Currently, the cryptographic resistance of GOST 34.11-94 hash	Currently, the cryptographic resistance of GOST 34.11-94 hash
	algorithm is estimated as 2**128 operations of computations of a	algorithm is estimated as 2**128 operations of computations of a
	step hash function. (There is known method to reduce this	step hash function. (There is known method to reduce this
	estimate to 2**105 operations, but it demands padding the	estimate to 2**105 operations, but it demands padding the
	colliding message with 1024 random bit blocks each of 256 bit	colliding message with 1024 random bit blocks each of 256 bit
	length, thus it cannot be used in any practical implementation).	length, thus it cannot be used in any practical implementation).

	8. IANA Considerations	8. IANA Considerations

	This document updates the IANA registry "DNS Security Algorithm	This document updates the IANA registry "DNS Security Algorithm

	Numbers [RFC4034]"	Numbers" [RFC4034]
	(http://www.iana.org/assignments/dns-sec-alg-numbers).	(http://www.iana.org/assignments/dns-sec-alg-numbers).
	The following entries are added to the registry:	The following entries are added to the registry:
	Zone Trans.	Zone Trans.
	Value Algorithm Mnemonic Signing Sec. References Status	Value Algorithm Mnemonic Signing Sec. References Status

	{TBA1} GOST R 34.10-2001 GOST Y * (this memo) OPTIONAL	{TBA1} GOST R 34.10-2001 ECC-GOST Y * (this memo) OPTIONAL

	This document updates the RFC 4034 Digest Types assignment	This document updates the RFC 4034 Digest Types assignment
	(section A.2)by adding the value and status for the GOST R 34.11-94	(section A.2)by adding the value and status for the GOST R 34.11-94
	algorithm:	algorithm:

	Value Algorithm Status	Value Algorithm Status
	{TBA2} GOST R 34.11-94 OPTIONAL	{TBA2} GOST R 34.11-94 OPTIONAL

	9. Acknowledgments	9. Acknowledgments


	skipping to change at page 8, line 5 ¶	skipping to change at page 8, line 5 ¶
	GOST R 34.11-94, GOST R 34.10-94, and GOST R 34.10-2001	GOST R 34.11-94, GOST R 34.10-94, and GOST R 34.10-2001
	Algorithms with Cryptographic Message Syntax (CMS)",	Algorithms with Cryptographic Message Syntax (CMS)",
	RFC 4490, May 2006.	RFC 4490, May 2006.

	[RFC4491] S. Leontiev and D. Shefanovski, "Using the GOST	[RFC4491] S. Leontiev and D. Shefanovski, "Using the GOST
	R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94	R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94
	Algorithms with the Internet X.509 Public Key	Algorithms with the Internet X.509 Public Key
	Infrastructure Certificate and CRL Profile", RFC 4491,	Infrastructure Certificate and CRL Profile", RFC 4491,
	May 2006.	May 2006.


		[RFC5155] B. Laurie, G. Sisson, R. Arends and D. Blacka, "DNS
		Security (DNSSEC) Hashed Authenticated Denial of
		Existence", RFC 5155, February 2008.

	10.2. Informative References	10.2. Informative References

	[RFC4509] Hardaker W., "Use of SHA-256 in DNSSEC Delegation Signer	[RFC4509] Hardaker W., "Use of SHA-256 in DNSSEC Delegation Signer
	(DS) Resource Records (RRs)", RFC 4509, May 2006.	(DS) Resource Records (RRs)", RFC 4509, May 2006.

	[DRAFT1] Dolmatov V., Kabelev D., Ustinov I., Vyshensky S.,	[DRAFT1] Dolmatov V., Kabelev D., Ustinov I., Vyshensky S.,
	"GOST R 34.10-2001 digital signature algorithm"	"GOST R 34.10-2001 digital signature algorithm"

	draft-dolmatov-cryptocom-gost34102001-07, 12.12.09	draft-dolmatov-cryptocom-gost34102001-08, 12.12.09
	work in progress.	work in progress.

	[DRAFT2] Dolmatov V., Kabelev D., Ustinov I., Vyshensky S.,	[DRAFT2] Dolmatov V., Kabelev D., Ustinov I., Vyshensky S.,
	"GOST R 34.11-94 Hash function algorithm"	"GOST R 34.11-94 Hash function algorithm"

	draft-dolmatov-cryptocom-gost341194-06, 12.12.09	draft-dolmatov-cryptocom-gost341194-07, 12.12.09
	work in progress.	work in progress.

	[DRAFT3] Dolmatov V., Kabelev D., Ustinov I., Emelyanova I.,	[DRAFT3] Dolmatov V., Kabelev D., Ustinov I., Emelyanova I.,
	"GOST 28147-89 encryption, decryption and MAC algorithms"	"GOST 28147-89 encryption, decryption and MAC algorithms"

	draft-dolmatov-cryptocom-gost2814789-06, 12.12.09	draft-dolmatov-cryptocom-gost2814789-08, 12.12.09
	work in progress.	work in progress.

	Authors' Addresses	Authors' Addresses

	Vasily Dolmatov, Ed.	Vasily Dolmatov, Ed.
	Cryptocom Ltd.	Cryptocom Ltd.
	Kedrova 14, bld.2	Kedrova 14, bld.2
	Moscow, 117218, Russian Federation	Moscow, 117218, Russian Federation

	EMail: dol@cryptocom.ru	EMail: dol@cryptocom.ru

End of changes. 18 change blocks.
	28 lines changed or deleted	37 lines changed or added
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/