[cryptography] DKIM: Who cares?

John Levine johnl at iecc.com
Wed Oct 24 22:45:55 EDT 2012


> Does anyone know why they all do this?

Hi.  I'm was a member of the working group that developed DKIM.

The problem is set and forget software.  DKIM is a descendant of
Yahoo's DomainKeys, which was developed in about 2005.  DKIM is
sufficiently upward compatible with DK that most DK key records work
as DKIM key records.  So someone set up scripts to do 512 bit DK keys
back in 2006, the scripts still work, and they forgot that they were
using antique keys.  Oops.  I suspect that few people had done the
math to figure out how easy it is to crack a 512 bit key on modern
hardware, I know I hadn't.

The assertion that longer keys don't fit in UDP DNS packets is just
wrong.  The keys are stored in base64 ASCII, and my 1024 bit key
records are 240 characters long.

R's,
John




More information about the cryptography mailing list