Hi all, for all those who haven't been on saag WG at IETF 88...
Amir Herzbert and Haya Shulman has presented a quite interesting attack on UDP fragmentation that allows Kaminsky-style attacks to be real again. The saag presentation is here: http://www.ietf.org/proceedings/87/slides/slides-87-saag-3.pdf The paper describing the attack is here: http://arxiv.org/pdf/1205.4011v1.pdf More Haya Shulman's publications can be found here: https://sites.google.com/site/hayashulman/publications And some papers are also available from Google Scholar: http://scholar.google.com/scholar?hl=en&q=Amir+Herzberg%2C+Haya+Shulman+++dnssec&btnG=&as_sdt=1%2C5&as_sdtp= We gave it some thoughts here at CZ.NIC Labs and we think that the threat is real and we are now trying to write a PoC code to prove the theoretical concept. So what are the views of other people on this list? Ondrej -- Ondřej Surý -- Chief Science Officer ------------------------------------------- CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC Americka 23, 120 00 Praha 2, Czech Republic mailto:ondrej.s...@nic.cz http://nic.cz/ tel:+420.222745110 fax:+420.222745112 -------------------------------------------
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
