awulf commented on Spammers are better at SPF, DKIM, and DMARC than everyone else   toad.social/@grumpybozo/1... · Posted by u/pabs3
Jzush · 9 months ago
My biggest problem with SPF, DKIM, DMARC is when you go to test this crap there's really only commercial apps. So people who are setting up things for a non-profit or a personal project are either forced to pay after doing 3 or 4 test emails or you wait like 24 hours or some crap.

And all that just for the privilege of being able to send email to some gmail accounts. Trying to get email to properly encrypt is pulling teeth and yet I still get hundreds of thousands of spam a month on my gmail account.

Any time I have to set up an email server on a new system I just kind of die a little.

awulf · 9 months ago
I built a free DMARC/DKIM/SPF checker: https://dmarcchecker.app/. No usage limits, no ads—just a small footer link to one of my other projects. Made it for the exact reason you mentioned.
awulf commented on Cracking a 512-bit DKIM key for less than $8 in the cloud   dmarcchecker.app/articles... · Posted by u/awulf
andix · a year ago
Any tips on how to easily fetch the key length of DKIM-Keys from DNS? Just by looking at the DNS entries I can't easily determine the key length ;)
awulf · a year ago
An easy way is to check the length of the p= value in the DKIM record. If it's around 216 characters, it's likely a 1024-bit key. A 2048-bit key usually has about 388 characters.
awulf commented on Cracking a 512-bit DKIM key for less than $8 in the cloud   dmarcchecker.app/articles... · Posted by u/awulf
dizhn · a year ago
> Although most providers correctly identified the 512-bit key as insecure and rejected our DKIM signature, three major providers — Yahoo Mail, Mailfence, and Tuta — reported a dkim=pass result.

Did google really FAIL because of DKIM signature being insecure or because SPF failed?

awulf · a year ago
The DKIM verification failed with the result "dkim=policy (weak key)," as it should according to RFC 8301: "Verifiers MUST NOT consider signatures using RSA keys of less than 1024 bits as valid signatures."
awulf commented on Cracking a 512-bit DKIM key for less than $8 in the cloud   dmarcchecker.app/articles... · Posted by u/awulf
mrweasel · a year ago
The interesting question is: did these sites forget that they have these records, or have they perhaps forgotten how to rotate their keys?
awulf · a year ago
I guess most of these keys are decades old and no longer in use. They're likely just sitting in the DNS because someone forgot to delete them. Now no one's sure if they're still needed, and everyone is afraid to remove them in case it breaks something. Or maybe they're still used by a legacy system, and no one realizes the impact an old DKIM record could have.
awulf commented on Cracking a 512-bit DKIM key for less than $8 in the cloud   dmarcchecker.app/articles... · Posted by u/awulf
kingforaday · a year ago
Love the practicality demonstrated here. It is unclear how old this article is. Based on the poster's previous submissions, I assume today?
awulf · a year ago
I published the article today, though it was written a few months ago (when the DKIM record was still online).
awulf commented on Cracking a 512-bit DKIM key for less than $8 in the cloud   dmarcchecker.app/articles... · Posted by u/awulf
unwind · a year ago
So 1,700 out of 1,000,000, i.e. around 0.2%. "Not common" is one way of putting it, I guess.
awulf · a year ago
I agree, but to be precise, it was 1,726 out of 476,617 DKIM keys found across those 1M domains, or about 0.36%. Since it's impossible to determine all DKIM records a domain might have from the outside, I used a list of commonly used selectors (e.g., "default" or "key1") for the search. It's likely there are additional short keys under selectors I didn't check.
awulf commented on BIMI and DMARC Can't Save You: The Overlooked DKIM Exploit   zone.eu/blog/2024/05/17/b... · Posted by u/obscurette
awulf · 2 years ago
Shameless plug: My DMARC Checker at https://dmarcchecker.app/ displays a warning message if it encounters a DKIM signature header with an 'l=' tag:

"The 'l=' tag limits how many bytes of the email body are included in the body hash. This may allow an attacker to alter/expand the message in a way that it still passes DKIM validation."

Additionally, the tool alerts you to the use of weak RSA keys or SHA1.

By the way, less than 0.4% of all emails checked make use of the 'l=' tag.
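The two checks discussed in this thread (reading the RSA key size out of a DKIM DNS record's p= value, and flagging a DKIM-Signature header that uses a weak key, rsa-sha1, or the l= tag) can be done with the Python standard library alone. The script below is an added example written for this page; it is not code from dmarcchecker.app or from any of the commenters. Instead of the character-count rule of thumb it walks the DER SubjectPublicKeyInfo to get the exact modulus size, and it also prints the p= length so the rule of thumb can be compared against it. The sample keys are constructed integers with the top bit set (not real RSA moduli) that exist only to produce well-formed DER of a known size, and the sample DKIM-Signature header uses placeholder hashes.

```python
"""Stdlib-only DKIM hygiene checks (added example, not the tool's own code)."""
import base64
import re


def parse_tag_list(value):
    """Parse a DKIM tag=value list ('v=DKIM1; k=rsa; p=...') into a dict."""
    tags = {}
    for item in value.split(";"):
        if "=" not in item:
            continue
        name, val = item.split("=", 1)
        # DNS TXT chunking and header folding can leave whitespace inside values
        tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags


# --- minimal DER helpers (enough for RSA SubjectPublicKeyInfo) -------------
def _der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_tlv(tag, content):
    return bytes([tag]) + _der_len(len(content)) + content


def _der_int(value):
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:          # leading zero keeps the INTEGER positive
        body = b"\x00" + body
    return _der_tlv(0x02, body)


def _read_tlv(buf, pos):
    """Return (tag, content, next_pos) for the TLV that starts at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:           # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


# OID 1.2.840.113549.1.1.1 (rsaEncryption) followed by NULL parameters
_RSA_ALG_ID = bytes.fromhex("06092a864886f70d0101010500")


def build_dkim_record(modulus, exponent=65537):
    """Wrap (n, e) in a SubjectPublicKeyInfo and return a DKIM TXT record."""
    rsa_pub = _der_tlv(0x30, _der_int(modulus) + _der_int(exponent))
    spki = _der_tlv(0x30, _der_tlv(0x30, _RSA_ALG_ID)
                    + _der_tlv(0x03, b"\x00" + rsa_pub))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()


def dkim_key_bits(txt_record):
    """Exact RSA modulus size in bits; 0 if p= is empty (a revoked key)."""
    tags = parse_tag_list(txt_record)
    if not tags.get("p"):
        return 0
    der = base64.b64decode(tags["p"])
    _, spki, _ = _read_tlv(der, 0)            # SubjectPublicKeyInfo SEQUENCE
    _, _, pos = _read_tlv(spki, 0)            # AlgorithmIdentifier (skipped)
    _, bitstr, _ = _read_tlv(spki, pos)       # BIT STRING; byte 0 = unused bits
    _, rsa_pub, _ = _read_tlv(bitstr[1:], 0)  # RSAPublicKey SEQUENCE
    _, mod_bytes, _ = _read_tlv(rsa_pub, 0)   # INTEGER n
    return int.from_bytes(mod_bytes, "big").bit_length()


def dkim_signature_findings(signature_header, key_bits):
    """Finding codes for a DKIM-Signature header value and its key size."""
    tags = parse_tag_list(signature_header)
    findings = []
    if key_bits < 1024:
        findings.append("weak-key")   # RFC 8301: verifiers MUST NOT accept
    if tags.get("a", "").endswith("sha1"):
        findings.append("sha1")       # rsa-sha1 is historic per RFC 8301
    if "l" in tags:
        findings.append("l-tag")      # body hash covers only the first l= bytes
    return findings


# Constructed sample keys: top bit set so the modulus has exactly that size.
RECORD_512 = build_dkim_record((1 << 511) | 0x10001)
RECORD_1024 = build_dkim_record((1 << 1023) | 0x10001)
RECORD_2048 = build_dkim_record((1 << 2047) | 0x10001)

# Constructed DKIM-Signature header value; bh= and b= are placeholders.
SAMPLE_SIG = ("v=1; a=rsa-sha1; d=example.com; s=key1; c=relaxed/relaxed; "
              "l=100; h=from:to:subject; bh=PLACEHOLDER=; b=PLACEHOLDER=")


if __name__ == "__main__":
    for rec in (RECORD_512, RECORD_1024, RECORD_2048):
        p_len = len(parse_tag_list(rec)["p"])
        print(f"p= is {p_len} chars -> {dkim_key_bits(rec)}-bit key")
    print(dkim_signature_findings(SAMPLE_SIG, dkim_key_bits(RECORD_512)))
```

For a real record, fetch the TXT at `selector._domainkey.domain` with `dig` or `dnspython`, join the quoted chunks, and pass the result to `dkim_key_bits`; the 1024-bit sample produces a 216-character p= value, which is why the character count works as a quick estimate.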