8 comments

  1. MikeN, DKIM is an authentication methodology. Given that, "it" cannot be forged. I assume what you're wanting to know is if an e-mail sent while using DKIM could be forged. The answer to that is, "Mostly no."

    The word "mostly" is important for people interested in security, but for most practical purposes, it could be dropped. You see, what DKIM does is have (portions of) e-mails run through an algorithm to produce a string of characters that can be used a digital signature. The algorithm (there are actually several which can be used, but that's not important here) takes what is called a "private key" as input in generating that signature. You can think of that private key as a password.

    The trick, however, is the algorithm is designed in a way you can verify the private key was used without having access to it. This is because the private key is paired with what is called the "public key." The public key does not allow you to generate the digital signature. It only allows you to verify that its corresponding private key was used. To understand the concept, consider the following three equations:

    1 + 1 = 2
    4 - 2 = 2
    12/6 = 2

    Each of these equations gives the same result. If all you had was the result, you would have no way to know what equation or variables were used to generate it. That's basically what public keys do. They don't tell you how to come up with a particular signature, but they do verify that signature turned out correctly.

    Now, the calculations used in DKIM are obviously far more complex. There will still be multiple ways to get the same signature, but it is (basically) random what characters being fed into the algorithm will produce duplicates. The odds of generating the same signature twice with readable text is minute. The result is if a DKIM signature checks out, the e-mail probably came from the specified domain.

    There are a lot of caveats though. First, it is possible someone might obtain a domain's private key (either by stealing it like they might a password or brute force guessing it). In that case, they could forge any e-mails they wanted. Similarly, DKIM is used to verify the domain (sort of like a website, it's the part that comes after the @ in an e-mail address). A signature may verify an e-mail came from that network, but that doesn't mean it came from the person listed in the e-mail address. It might not even be from someone who is supposed to be using that network.

    I could go into more detail, but I think that's probably more than you wanted to know. The short version is is forging an e-mail like those released by Wikileaks which is signed by a DKIM signature is not practically feasible. It's not entirely impossible, but it'd be a incredibly remarkable thing if it happened in any e-mails like those being focused upon in political discussions of late.

  2. Thanks. I had read it was impossible, but I was thinking about what if you already have some e-mails from the sender, as Wikileaks source would. Also, if it is the Russians, which I am doubting after seeing that John Podesta's password was p@ssw0rd, then they would have more resources to bring to break RSA or whatever it is using. Now that I think about it, DKIM would have to be strong enough to withstand the attack I was considering, or their $600 prize would have been collected.

  3. MikeN:

    Now that I think about it, DKIM would have to be strong enough to withstand the attack I was considering, or their $600 prize would have been collected.

    Fun fact, DKIM doesn't have to be difficult to break at all to prevent that prize from being collected. DKIM could be completely solvable with trivial algorithms and the challenge would still be impossible.* The thing to realize is that challenge isn't about breaking any encryption.

    To understand why, imagine if we wanted to create a digital signature for a string of numeric characters of whatever length. We decide to take a very simple approach and say, "Add up all the digits and use whatever comes up in the ones column." We could then apply it to:

    12345 = 15 = 5
    34567 = 25 = 5

    In both cases, we came up with the exact same digital signature. That's what the $600 challenge is asking us to do. It challenges people to make a file with readable text that comes up with an identical signature to the one that e-mail has. That doesn't require breaking anything. You just look for an input to the algorithm which creates the same output.

    The key to this is what we call "collision space." Because the digital signatures created in something like DKIM is far shorter than the input might be, multiple inputs can wind up producing the same output. When that happens, it is called a "collision." The collision space tells us how often such collisions will happen.

    Things like DKIM use a sufficient amount of randomness in their algorithms so that the collision space is very large. The result is you should never* get collisions with readable text. You can get collisions with randomized strings of text simply because of how many possible inputs there are. It's just the amount of possible inputs vs. the amount of possible inputs that would be human-readable (as in something which could plausibly be a real e-mail) is so great the odds are basically infinitesimal.

    What this means is that challenge has nothing to do with the strength of any encryption or how difficult it would be to crack.

    *Technically, two readable e-mails could result in the same output by pure chance. The odds of it happening are astronomical so I don't want to add a caveat every time I write a word like "impossible."

  4. As a note of clarification, collision space doesn't directly tell us how often collisions will happen. Collision space tells us how many possible outcomes there are for the algorithm. We can use that to determine how often collisions will happen and use information about how many inputs are possible to come up with an idea of how secure any given algorithm is for any particular situation. I don't know that that distinctions matters to anyone, but I wanted to lay it out just in case.

    It shouldn't matter for something like DKIM. The collision space in any algorithm used by DKIM should be large enough nobody could ever win that challenge. Even if one had a list of every possible input that would result in the same digital signature, it's highly unlikely any would be legible text that could pass as a real e-mail.

  5. You can multiply the power of your opinion by convincing people on the other side to stay home on election day. Every vote you suppress on the other side is like an extra vote for you. And there’s no limit to how many you can have!

    Um... Yeah, there kind of is a limit.

Leave a Reply

Your email address will not be published. Required fields are marked *