In this final post of the DMARC series we’ll discuss the latest crypto updates to DKIM known as the DKIM Crypto Update (DCRUP) to strengthen DKIM.
Picking the Lock
While DKIM has been around for many years as one of the foundations of DMARC, weaknesses in the security of its signatures have limited its effectiveness. The DCRUP Working Group was created to update DKIM to handle more modern cryptographic algorithms and key sizes.
Currently DKIM signatures include a tag that identifies the hash algorithm and signing algorithm used in the signature. The only current algorithm is RSA and most signing keys are 1024 bits. While the RSA algorithm supports longer signatures of 2048 bits, they are generally not used because bugs in DNS provisioning software prevent publishing longer keys as DNS TXT records.
While DKIM currently supports use of SHA1 coupled with RSA, SHA1 has been formally deprecated due to weakness in numerous contexts. As the working group states explicitly “the community wishes to discourage its continued use in the DKIM context.”
The DCRUP working group will consider four types of changes to DKIM:
- Additional signing algorithms such as those based on elliptic curves
- Changes to key strength advice and requirements
- Deprecating the use of SHA1
- New public key forms, such as putting the public key in the signature and a hash of the key in the DNS to bypass bugs in DNS provisioning software that prevent publishing
longer keys as DNS TXT records.
Changes will be limited to existing, implemented algorithms and key forms. Other changes to DKIM, such as new message canonicalization schemes, are out of scope. The Working Group will, as far as possible, avoid changes incompatible with deployed DKIM signers and verifiers.
We hope you’ve found this three part blog series on DMARC updates interesting and informative. As always, your comments are appreciated and we’d love to hear from you.Get the Guide to Implementing DMARC