I noticed that the default DH keysize in FreeRadius 1.1.3 is 512 bits. As DH keys have approximately the same strength as RSA keys, and 512 bit RSA keys have already been broken, wouldn't it be advisable to use at least 1024 bit DH keys as the minimum size? 1024 bits is currently the minimum recommended size for a DSA/RSA certificate. It might also be a good idea to include the option commented out in eap.conf so users know that it's something they can change. I originally thought that the DH keysize would be determined by the DH parameter file and only realized that it was still using 512 bit keys when I ran freeradius in debug mode. As far as performance goes, I've tested with 2048 bit and 3072 bit DH keys with no performance degradation. Authentication occurs in 1-2 seconds using the Funk Odyssey client on Windows XP SP2 with 3072 bit RSA certificates and 3072 bit DH key exchange.

Also, it might be a good idea to put a comment in the TLS cipher suite comment section that the Microsoft Windows supplicant in Windows XP SP2 uses RC4-MD5 by default (TLS_RSA_WITH_RC4_128_MD5). First, MD5 is deprecated and weak. SHA-1 should be used in its place. Secondly, DH is preferable to RSA for key exchange because it provides perfect forward secrecy. If RSA is used for encryption, a compromise of the client private key would allow an attacker to gain access to the master keys used to encrypt all prior wireless sessions whereas fresh DH keys are produced on each authentication and deleted after use. OpenSSL's 'HIGH' setting is probably the best for a Windows XP user as it uses EDH-RSA-DES-CBC3-SHA (TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA), so SHA1 is used for integrity, and DH is used for key exchange. Windows XP SP2 and earlier versions of Windows do not support AES for use in any of the EAP modes. Apparently, if you want to use AES you need to upgrade to Vista (See Security in Vista) or use a 3rd party supplicant like the Funk Odyssey Client which I use (uses TLS_DH_RSA_WITH_AES_256_CBC_SHA with default Freeradius setup).

Jason Wittlin-Cohen


List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
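The post's argument rests on three properties of a cipher suite: whether the key exchange is ephemeral (forward secrecy), which MAC is used (MD5 versus SHA), and whether the bulk cipher is one that should no longer be accepted (RC4, single DES, export grades). The script below is an added example, not part of the original message or of the FreeRADIUS project: it classifies suite names in both the IANA form (TLS_RSA_WITH_RC4_128_MD5) and the OpenSSL form (EDH-RSA-DES-CBC3-SHA) quoted above, and resolves an OpenSSL cipher-list string such as 'HIGH' or 'DEFAULT' (the form taken by the cipher_list setting in the tls section of eap.conf, assumed here) against the OpenSSL linked into Python so an administrator can see what a given setting actually enables.

```python
import re
import ssl

# Suite-name tokens that mark bulk ciphers nobody should still accept.
WEAK_BULK_TOKENS = ("RC4", "NULL", "EXP-", "EXPORT")


def classify(name: str) -> dict:
    """Classify one cipher suite name (IANA 'TLS_RSA_WITH_RC4_128_MD5' or
    OpenSSL 'EDH-RSA-DES-CBC3-SHA' style) by forward secrecy, MAC and bulk cipher."""
    n = name.upper()
    issues = []

    # TLS 1.3 suites carry no key-exchange part: always ephemeral (EC)DH, always AEAD.
    if n.startswith("TLS_") and "_WITH_" not in n:
        return {"name": name, "pfs": True, "mac": "AEAD", "issues": issues}

    # Forward secrecy requires an *ephemeral* exchange (DHE/ECDHE; OpenSSL EDH/EECDH).
    # Static DH (TLS_DH_RSA_...) and RSA key transport reuse the long-term key,
    # so a later key compromise exposes recorded sessions.
    pfs = re.search(r"(?:^|[_-])(?:E?C?DHE|EDH|EECDH)[_-]", n) is not None
    if not pfs:
        issues.append("no forward secrecy")

    # Integrity: AEAD modes have no separate MAC; otherwise the trailing token names it.
    if re.search(r"GCM|CCM|CHACHA20", n):
        mac = "AEAD"
    else:
        m = re.search(r"(MD5|SHA384|SHA256|SHA)$", n)
        mac = {"SHA": "SHA1"}.get(m.group(1), m.group(1)) if m else "UNKNOWN"
    if mac == "MD5":
        issues.append("MD5 MAC")

    if any(tok in n for tok in WEAK_BULK_TOKENS):
        issues.append("weak bulk cipher")
    # Single DES: contains DES but not the triple variant (3DES / CBC3).
    if "DES" in n and "3DES" not in n and "CBC3" not in n:
        issues.append("single DES")
    if "ANON" in n or n.startswith(("ADH-", "AECDH-")):
        issues.append("unauthenticated key exchange")

    return {"name": name, "pfs": pfs, "mac": mac, "issues": issues}


def expand_openssl_list(spec: str) -> list:
    """Resolve an OpenSSL cipher-list string (e.g. 'HIGH', 'DEFAULT') to the
    suites it enables, using the OpenSSL build linked into this Python."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(spec)
    return [c["name"] for c in ctx.get_ciphers()]


def audit(spec: str) -> dict:
    """Map every suite the spec enables to its list of issues; an empty list is clean."""
    return {name: classify(name)["issues"] for name in expand_openssl_list(spec)}


if __name__ == "__main__":
    # Suite names quoted in the post, plus the list strings an administrator would compare.
    for name in ("TLS_RSA_WITH_RC4_128_MD5", "EDH-RSA-DES-CBC3-SHA",
                 "TLS_DH_RSA_WITH_AES_256_CBC_SHA"):
        c = classify(name)
        print(f"{name:40s} pfs={c['pfs']} mac={c['mac']} {', '.join(c['issues']) or 'ok'}")
    for spec in ("DEFAULT", "HIGH"):
        print(f"== {spec}")
        for name, issues in audit(spec).items():
            print(f"  {name:40s} {', '.join(issues) or 'ok'}")
```

Two caveats follow from the classification. The classifier treats static DH (the TLS_DH_RSA_* form) as lacking forward secrecy, because only the ephemeral variants generate a fresh DH key per handshake; a suite name with a bare "DH" in it does not give the property the post describes. And no suite name says anything about the size of the DH group the server uses, which is exactly why the 512-bit default in the post was only visible in debug output: the cipher list and the DH parameter size have to be checked separately.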