
How long is your DKIM key?

While we were at M3AAWG, Wired published an article about how simple it was to crack DKIM keys. I didn’t post about it at the time because it didn’t really seem like news. DKIM keys shorter than 1024 bits are vulnerable and not secure, and the DKIM spec does not recommend using keys shorter than 1024 bits. When I asked the DKIM-people-who-would-know, they did tell me that the news was that the keys had been cracked and used in the wild to spoof email.

Fair enough.

If you are signing with DKIM, use a key 1024 bits or longer. Anything shorter and you risk having the key cracked and your mail fraudulently signed.

This morning M3AAWG published recommendations on keeping DKIM keys secure.

  • Updating to a minimum 1024-bit key length. Shorter keys can be cracked in 72 hours using inexpensive cloud services
  • Rotating keys quarterly
  • Setting signatures to expire after the current key rotation period and revoking old keys in the DNS
  • Using the key test mode only for a short time period and revoking the test key after the ramp-up
  • Implementing DMARC in monitoring mode and using DNS to monitor how frequently keys are queried. DMARC (Domain-based Message Authentication, Reporting and Conformance) is another standard often used in conjunction with DKIM
  • Using DKIM rather than DomainKeys, which is a deprecated protocol
  • Working with any third parties hired to send a company’s email to ensure they are adhering to these best practices

M3AAWG

Google took a good step in encouraging folks to upgrade to more secure keys. According to Return Path, Gmail is currently failing DKIM for any key 512 bits or shorter. Keys between 512 and 1024 bits are still validating, but Gmail will start failing any key smaller than 1024 bits in the near future.
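Checking your own key length is straightforward once you have the selector’s TXT record. The script below is an added example, not code from this post or from any of the tools mentioned in the comments: it parses a DKIM record (the `v=`, `k=`, `t=` and `p=` tags), reads the RSA modulus size out of the base64 SubjectPublicKeyInfo with a minimal DER walker (no external libraries), and classifies the key against the thresholds above: 512 bits or shorter already fails at Gmail, anything under 1024 bits is below the M3AAWG minimum. It also flags an empty `p=` (a revoked key) and the `t=y` test flag, since the recommendations say to revoke test keys after ramp-up. The record text is assumed to have been fetched already (for example with `dig TXT selector._domainkey.example.com`, joining the quoted strings). `make_rsa_dkim_record` builds a synthetic record around a constructed modulus so the example runs offline; it is not a real key.

```python
import base64

MIN_BITS = 1024        # M3AAWG / DKIM spec minimum
GMAIL_FAIL_BITS = 512  # keys this short already fail at Gmail, per the post
RSA_OID = bytes.fromhex("2a864886f70d010101")  # rsaEncryption 1.2.840.113549.1.1.1

VERDICT_REVOKED = "revoked: empty p= tag"
VERDICT_NON_RSA = "non-RSA key: RSA length rule does not apply"
VERDICT_FAIL = "too short: %d-bit RSA key, 512 bits or less already fails at Gmail"
VERDICT_WEAK = "weak: %d-bit RSA key is below the 1024-bit minimum"
VERDICT_OK = "ok: %d-bit RSA key meets the minimum"


def _read_tlv(buf, pos):
    """Read one DER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: next N bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def parse_dkim_record(txt):
    """Split 'tag=value; tag=value' into a dict, dropping folding whitespace in values."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip()] = "".join(v.split())
    return tags


def rsa_modulus_bits(p_b64):
    """Bit length of the RSA modulus inside a base64 SubjectPublicKeyInfo."""
    der = base64.b64decode(p_b64)
    tag, spki, _ = _read_tlv(der, 0)        # SubjectPublicKeyInfo SEQUENCE
    if tag != 0x30:
        raise ValueError("p= is not a DER SEQUENCE")
    _, _, pos = _read_tlv(spki, 0)          # AlgorithmIdentifier, skipped
    tag, bitstr, _ = _read_tlv(spki, pos)   # BIT STRING wrapping RSAPublicKey
    if tag != 0x03:
        raise ValueError("expected BIT STRING for subjectPublicKey")
    _, rsa_pub, _ = _read_tlv(bitstr[1:], 0)   # skip unused-bits byte, read SEQUENCE
    _, modulus, _ = _read_tlv(rsa_pub, 0)      # first INTEGER is the modulus n
    return int.from_bytes(modulus, "big").bit_length()


def check_dkim_record(txt):
    """Return {'key_type', 'bits', 'test_mode', 'verdict'} for a DKIM TXT record."""
    tags = parse_dkim_record(txt)
    key_type = tags.get("k", "rsa")         # k= defaults to rsa per the DKIM spec
    flags = tags.get("t", "").split(":")
    result = {"key_type": key_type, "bits": None, "test_mode": "y" in flags}
    p = tags.get("p", "")
    if p == "":
        result["verdict"] = VERDICT_REVOKED
    elif key_type != "rsa":
        result["verdict"] = VERDICT_NON_RSA
    else:
        bits = rsa_modulus_bits(p)
        result["bits"] = bits
        if bits <= GMAIL_FAIL_BITS:
            result["verdict"] = VERDICT_FAIL % bits
        elif bits < MIN_BITS:
            result["verdict"] = VERDICT_WEAK % bits
        else:
            result["verdict"] = VERDICT_OK % bits
    return result


# --- constructed test data below: a DER encoder used only to fabricate records ---

def _der_encode(tag, value):
    ln = len(value)
    if ln < 0x80:
        return bytes([tag, ln]) + value
    lb = ln.to_bytes((ln.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


def _der_int(n):
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if b[0] & 0x80:                         # keep the INTEGER positive
        b = b"\x00" + b
    return _der_encode(0x02, b)


def make_rsa_dkim_record(modulus_bits, test_mode=False):
    """Constructed DKIM record with a fake modulus of exactly modulus_bits; not a real key."""
    n = (1 << (modulus_bits - 1)) | 1       # 2^(bits-1)+1 has the requested bit length
    rsa_pub = _der_encode(0x30, _der_int(n) + _der_int(65537))
    alg = _der_encode(0x30, _der_encode(0x06, RSA_OID) + b"\x05\x00")
    spki = _der_encode(0x30, alg + _der_encode(0x03, b"\x00" + rsa_pub))
    tags = "v=DKIM1; k=rsa; " + ("t=y; " if test_mode else "")
    return tags + "p=" + base64.b64encode(spki).decode()


if __name__ == "__main__":
    for bits in (512, 768, 1024, 2048):
        print(bits, check_dkim_record(make_rsa_dkim_record(bits))["verdict"])
```

The DER walker only reads the fields it needs, so it accepts any well-formed RSA `SubjectPublicKeyInfo` regardless of how the record is folded in DNS; the `t=y` flag and an empty `p=` are reported separately because both are things the M3AAWG list asks you to act on rather than key-length problems.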


6 comments

  1. Martijn says

    I think it’s good to mention here that, assuming Google does things the proper way, “failing DKIM” means they will pretend there is no DKIM key. They will not “fail” (i.e. block or bounce) the messages themselves. So if you’re reading this and your key length is 512 bits, you don’t have to fix it tonight, you can fix it first thing in the morning.

  2. protodave says

    After that vulnerability was reported I wrote a tool to check DKIM TXT records and determine their key length so you can see if you are using a short key (less than 1024 bits):
    http://www.protodave.com/tools/dkim-key-checker/

  3. Kent says

    protodave, that’s a great little tool for checking DKIM keys... thanks.

  4. Kathy says

    you mean this article?
    http://www.wired.com/threatlevel/2012/10/dkim-vulnerability-widespread/

    1. laura says

      Yup. I even linked to it in my blog post.

  5. JP Melis says

    When will the “big guys” (Google, MS, Yahoo) in their eternal wisdom decide that 1024 is too short as well? What I’m seeing in the field is 2048 keys being used forever. Big third party mailers telling their customers to put their generic public key as a TXT-record in their DNS. For starters they compromise their customer’s goal to have control over their domain as now all their other customers can mail as another customer. When that strong key is somehow compromised they can’t really refresh the key as they have no close relationship with their customers to make sure their TXT-record gets updated in DNS.
    I myself use 2 selectors and tell my customers to create 2 cnames which point to 2 TXT-records that contain a 1024-bit public key. Those keys will be used for 3 days and will have a lifetime of 6 days.
    I strongly believe that short-lived short keys are much better than long-lived long keys.
