commit bff5c64085bdda32972af7fe95a7aef46eff5a75
parent 252d848b2d9d034d81c8c681dc30b3b0d854e75a
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Wed, 22 Dec 2021 17:03:04 +0100
label attack
Diffstat:
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
@@ -2143,10 +2143,11 @@ NICK: john (Supplemental)
<t>
Record blocks are published encrypted using keys derived from the
zone public key and record label. Zone administrators should
- carefully consider if the label may be public or if it should be
- used and considered as a shared secret. Labels can be guessed by
+ carefully consider if the label and zone key may be public or if
+ those should be used and considered as a shared secret.
+ Unlike zone keys, labels can also be guessed by
an attacker in the network observing queries and responses. Given
- a targeted zone public key, the use of well known or easily guessable
+ a known and targeted zone public key, the use of well known or easily guessable
labels effectively result in general disclosure of the records to
the public.
If the labels and hence the records should be kept secret except to
@@ -2154,6 +2155,12 @@ NICK: john (Supplemental)
label must be chosen accordingly. It is recommended to then use a
label with sufficient entropy as to prevent guessing attacks.
</t>
+ <t>
+ It should be noted that this attack on labels only applies if the
+ zone public key is somehow disclosed to the adversary. GNS itself
+ does not disclose it during a lookup or when resource records are
+ published as the zone keys are blinded beforehand.
+ </t>
</section>
</section>
<section anchor="gana" numbered="true" toc="default">
