Re: [Openvpn-users] Recommendations for maximum cryptographic security

[Gert Doering]

Hi,

On Thu, Dec 15, 2016 at 01:22:51AM +, debbie10t wrote:
> > in a post-quantum world both EC and RSA will/might be trivial to solve.
> 
> In a 'post' what ?
> 
> I will believe it "when I see it with my own ears" for myself.

the point here is: the propability that a quantum computer will arrive
in 10-15 years time is not zero.  It might not happen, but maybe it might.

So if you have communication that is important enough that you do NOT
want the NSA to read it in 15 years from now, you can not use classic
diffie-hellmann for key exchange - because it will be broken, and then
all your sniffed-and-saved-for-breaking-later communication will be 
out in the clear.

If you use OpenVPN to securely access remote networks, and do not care
about anyone decrypting the stuff a week later - nothing to worry, for
many years to come.

But do not dismiss the wisdom of people better at math than you (and I).

gert
-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


signature.asc
Description: PGP signature
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Can openvpn use compressed config file directly, say ``--config file.tar.gz''?

[Gert Doering]

Hi,

On Wed, Dec 14, 2016 at 03:11:00PM +, John Lauro wrote:
> Never tried it with openvpn, but the following should work:
>   ``--config <(gunzip 

signature.asc
Description: PGP signature
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Recommendations for maximum cryptographic security

[Gregory Sloop]

A working Quantum computer with sufficient capacity will obsolete EC, RSA etc.
It will all be game-over.
End of story. [At least mostly.]

But by the time a quantum computer with the sufficient qbits becomes available, 
we'll likely understand [a lot] better the ramifications of such a machine and 
will likely have some sufficient response. From my quite limited understanding, 
I think even our theoretical understanding of quantum computing, and its impact 
on cryptography as a whole, is pretty limited. As a result, I think counter 
measures or responses to QC and cryptography questions/issues are also quite 
immature.

So, I don't think it's worth while doing a lot at the current moment in an 
attempt to avoid QC attacks. IMO, any evasive steps you might take are as 
likely to be effective as chance - and thus not worth the effort.

Just my $0.02
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Recommendations for maximum cryptographic security

[debbie10t]

On 14/12/16 14:40, Jan Just Keijser wrote:
> Hi,
>
> David's remarks are correct. I've added some small nuances below, but
> overall the answers do not change.
>
> On 14/12/16 12:40, David Sommerseth wrote:
>> On 14/12/16 07:54, Kevin Long wrote:
>>> 1. Use easy-rsa3 or equivalent openssl commands to generate your
>>> keys/certificates using elliptic curve (instead of RSA).
>> I'm no crypto expert, but I believe there are some concerns about EC
>> and post-quantum computing, where it is believed that RSA will be
>> somewhat stronger

> in a post-quantum world both EC and RSA will/might be trivial to solve.

In a 'post' what ?

I will believe it "when I see it with my own ears" for myself.




--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Can openvpn use compressed config file directly, say ``--config file.tar.gz''?

[Hongyi Zhao]

On Wed, 14 Dec 2016 15:11:00 +, John Lauro wrote:

> Never tried it with openvpn, but the following should work:
>   ``--config <(gunzip http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Experts' opinions needed: Is my VPN provider using weak or strong encryption algorithms?

[Steffan Karger]

Hi,

On 14-12-16 17:31, Sebastian Rubenstein wrote:
> I hope that some experts here will be able to tell me if my VPN provider uses 
> weak encryption standards with regards to encryption/decryption of control 
> channel authentication and data channel? Thanks.
> 
> Below is a sample of a redacted config file:
> 
> tls-client

This means you're using TLS for forward secrecy, and are refreshing you
data channel keys (at least) hourly.  That's good.

> remote-cert-tls server

You are checking that you are connecting to someone with a *server*
certificate (so not just some other client pretending to be a server).

> cipher AES-256-CBC
> auth SHA512

You are using AES-256-CBC for data channel encryption, which is very
strong, and HMAC-SHA512 for data channel authentication, which is very
strong too (frankly, overly strong.  SHA256 gives you 32 bytes per
packet overhead instead of 64, and is also very strong).

> key-direction 1
> 
> #
> # 2048 bit OpenVPN static key
> #
> -BEGIN OpenVPN Static key V1-
> 
> Large chunks of alphanumeric text
> 
> -END OpenVPN Static key V1-
> 

You're using TLS-auth to protect against mitm attacks on your TLS
connection, which is very good.  key-directing 1 means you are using
different keys for client-server and server-client traffic, which is
good too.

> Wed Dec 7 08:27:57 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 
> ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

Your private key is RSA-4096, which is plenty strong too.  You might
want to consider elliptic curve certificates to gain some connection
setup speed, but you will probably not gain any extra security by that.

So, all in all, very decent setup.  Once you move to OpenVPN 2.4 (which
is nearing release), you switch from --tls-auth to --tls-crypt for some
"poor-man's" post-quantum security, and use AES-256-GCM for more
efficiency on the data channel.

-Steffan

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Request: Copy or Move openvpn_2.3.14-jessie0_amd64.deb and update hashsums in Packages file

[Samuli Seppänen]

Il 14/12/2016 18:39, Sebastian Rubenstein ha scritto:
> Hi Samuli
>
> When you have time to spare, could you copy/move 
> openvpn_2.3.14-jessie0_amd64.deb to 
> http://swupdate.openvpn.net/apt/pool/jessie/main/o/openvpn/ please?
>
> Moreover, please update the Packages file in 
> http://swupdate.openvpn.net/apt/dists/jessie/main/binary-amd64/Packages with 
> the hashsums of openvpn_2.3.14-jessie0_amd64.deb
>
> Thank you for your assistance.
>
> Sebastian
>

Interesting that 2.3.14 is missing from there. I will look into it.

Btw. if you're interested in more fine-grained options on which OpenVPN 
packages to install, have look at the four new repos on build.openvpn.net:



OpenVPN 2.3.14 should be in the "release/2.3" and "stable" repos.

Best regards,
-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

[Openvpn-users] Request: Copy or Move openvpn_2.3.14-jessie0_amd64.deb and update hashsums in Packages file

[Sebastian Rubenstein]

Hi Samuli

When you have time to spare, could you copy/move 
openvpn_2.3.14-jessie0_amd64.deb to 
http://swupdate.openvpn.net/apt/pool/jessie/main/o/openvpn/ please?

Moreover, please update the Packages file in 
http://swupdate.openvpn.net/apt/dists/jessie/main/binary-amd64/Packages with 
the hashsums of openvpn_2.3.14-jessie0_amd64.deb

Thank you for your assistance.

Sebastian

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

[Openvpn-users] Experts' opinions needed: Is my VPN provider using weak or strong encryption algorithms?

[Sebastian Rubenstein]

Hi,

I hope that some experts here will be able to tell me if my VPN provider uses 
weak encryption standards with regards to encryption/decryption of control 
channel authentication and data channel? Thanks.

Below is a sample of a redacted config file:

remote-random
remote somevpn.com 443
proto tcp-client
tls-client
dev tun
persist-tun
persist-key
nobind
pull
redirect-gateway def1
route-delay 3
auth-user-pass password.txt
verb 3
remote-cert-tls server
key-direction 1
cipher AES-256-CBC
auth SHA512
mute-replay-warnings
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

-BEGIN CERTIFICATE-

Large chunks of alphanumeric text

-END CERTIFICATE-


#
# 2048 bit OpenVPN static key
#
-BEGIN OpenVPN Static key V1-

Large chunks of alphanumeric text

-END OpenVPN Static key V1-



Below is the client-side log when my machine is trying to connect to one of the 
VPN servers. It has been redacted for clarity:


Wed Dec 7 08:27:54 2016 OpenVPN 2.3.14 x86_64-pc-linux-gnu [SSL (OpenSSL)] 
[LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Dec  7 2016
Wed Dec 7 08:27:54 2016 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.08
Wed Dec 7 08:27:54 2016 WARNING: file 'password.txt' is group or others 
accessible
Wed Dec 7 08:27:54 2016 NOTE: the current --script-security setting may allow 
this configuration to call user-defined scripts
Wed Dec 7 08:27:54 2016 Control Channel Authentication: tls-auth using INLINE 
static key file
Wed Dec 7 08:27:54 2016 Outgoing Control Channel Authentication: Using 512 bit 
message hash 'SHA512' for HMAC authentication
Wed Dec 7 08:27:54 2016 Incoming Control Channel Authentication: Using 512 bit 
message hash 'SHA512' for HMAC authentication

(redacted for clarity)

Wed Dec 7 08:27:56 2016 Validating certificate key usage
Wed Dec 7 08:27:56 2016 ++ Certificate has key usage  00a0, expects 00a0
Wed Dec 7 08:27:56 2016 VERIFY KU OK
Wed Dec 7 08:27:56 2016 Validating certificate extended key usage
Wed Dec 7 08:27:56 2016 ++ Certificate has EKU (str) TLS Web Server 
Authentication, expects TLS Web Server Authentication
Wed Dec 7 08:27:56 2016 VERIFY EKU OK
Wed Dec 7 08:27:56 2016 VERIFY OK: depth=0, CN=de1-4096
Wed Dec 7 08:27:57 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized 
with 256 bit key
Wed Dec 7 08:27:57 2016 Data Channel Encrypt: Using 512 bit message hash 
'SHA512' for HMAC authentication
Wed Dec 7 08:27:57 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized 
with 256 bit key
Wed Dec 7 08:27:57 2016 Data Channel Decrypt: Using 512 bit message hash 
'SHA512' for HMAC authentication
Wed Dec 7 08:27:57 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 
ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Can openvpn use compressed config file directly, say ``--config file.tar.gz''?

[John Lauro]

Never tried it with openvpn, but the following should work:
  ``--config <(gunzip 
Sent: Wednesday, December 14, 2016 9:49 AM
To: openvpn-users@lists.sourceforge.net
Subject: [Openvpn-users] Can openvpn use compressed config file directly, say 
``--config file.tar.gz''?

Hi all,

Can openvpn use compressed config file directly, say ``--config
file.tar.gz''?

Regards
--
.: Hongyi Zhao [ hongyi.zhao AT gmail.com ] Free as in Freedom :.


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Can openvpn use compressed config file directly, say ``--config file.tar.gz''?

[Gert Doering]

Hi,

On Wed, Dec 14, 2016 at 02:49:14PM +, Hongyi Zhao wrote:
> Can openvpn use compressed config file directly, say ``--config 
> file.tar.gz''?

No.

... and there is no benefit to do so - config files are small, and since
you can inline everything in a single .ovpn, no need to lump around a
container format like .tar or .zip either.

gert
-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


signature.asc
Description: PGP signature
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Can openvpn use compressed config file directly, say ``--config file.tar.gz''?

[Jan Just Keijser]

Hi,

On 14/12/16 15:49, Hongyi Zhao wrote:
> Hi all,
>
> Can openvpn use compressed config file directly, say ``--config
> file.tar.gz''?
>
>
I can only answer: No, the config file needs to be plaintext.

HTH,

JJK



--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

[Openvpn-users] Can openvpn use compressed config file directly, say ``--config file.tar.gz''?

[Hongyi Zhao]

Hi all,

Can openvpn use compressed config file directly, say ``--config 
file.tar.gz''?

Regards
-- 
.: Hongyi Zhao [ hongyi.zhao AT gmail.com ] Free as in Freedom :.


--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Recommendations for maximum cryptographic security

[Jan Just Keijser]

Hi,

David's remarks are correct. I've added some small nuances below, but 
overall the answers do not change.

On 14/12/16 12:40, David Sommerseth wrote:
> On 14/12/16 07:54, Kevin Long wrote:
>> 1. Use easy-rsa3 or equivalent openssl commands to generate your
>> keys/certificates using elliptic curve (instead of RSA).
> I'm no crypto expert, but I believe there are some concerns about EC
> and post-quantum computing, where it is believed that RSA will be
> somewhat stronger (or do I confuse this with AES?).  To my knowledge,
> there are nobody saying RSA-4096 are broken or weak.
in a post-quantum world both EC and RSA will/might be trivial to solve. 
AES encryption is still fundamentally OK, but the hard part is getting 
the keying information exchanged. For that you'd now use EC, RSA or DSA, 
all of which are done for with the proper quantum computer.

>> 2. Use the new —tis-crypt feature rather than just —tis-auth (openvpn 2.4 )
> Yes, this will definitely help, and it is even slated as a kind of
> "poor mans post-quantum solution" until we have something better.
>
>> 3. Set tls-minimum to 1.2 on both client/server
> Sounds reasonable.  It sure protects against any downgrade attacks. But
> on the other hand: If using --tls-crypt/--tls-auth, this can anyhow only
> happen by one of the clients you have shared a static key with.

It's the pre-shared static key which helps you in the post-quantum world 
- even a quantum computer will have difficulty decoding a (large) 
preshared key.
>
>> 4. Use a great tls-cipher that utilizes elliptic curve :
>>   TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384  ( ?? )
>> 5. Use a great cipher for openvpn data channel:  AES-256-GCM  (openvpn
>> 2.4)   ( ?? )
> If you use OpenVPN 2.4 on both sides, the crypto will be upgraded to
> the strongest one by default.  No need to tie yourself to specific
> configuration settings.
>
>  From my own client log file, where I do not have --cipher nor
> --tls-cipher.  Both sides run a 2.4_rc/git master version.
>
> Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 
> 4096 bit RSA
> Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
> Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
>
> Now, the interesting detail here is that my certificates are not EC
> certificates, but it has negotiated ECDHE-RSA-AES256-GCM-SHA384 for the
> control channel.  (But EC certificates goes further than just ECDHE and
> AES-256-GCM)
>
>
you don't need EC certificates to negotiate an ECDHE-* cipher. Even when 
you're visiting a secure website using something like Firefox or Chrome 
you'd end up with an ECDHE cipher: just check the web server log files.

cheers,

JJK / Jan Just Keijser


--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Recommendations for maximum cryptographic security

[David Sommerseth]

On 14/12/16 07:54, Kevin Long wrote:
> 1. Use easy-rsa3 or equivalent openssl commands to generate your
> keys/certificates using elliptic curve (instead of RSA).

I'm no crypto expert, but I believe there are some concerns about EC
and post-quantum computing, where it is believed that RSA will be
somewhat stronger (or do I confuse this with AES?).  To my knowledge,
there are nobody saying RSA-4096 are broken or weak.

> 2. Use the new —tis-crypt feature rather than just —tis-auth (openvpn 2.4 )

Yes, this will definitely help, and it is even slated as a kind of
"poor mans post-quantum solution" until we have something better.

> 3. Set tls-minimum to 1.2 on both client/server

Sounds reasonable.  It sure protects against any downgrade attacks. But
on the other hand: If using --tls-crypt/--tls-auth, this can anyhow only
happen by one of the clients you have shared a static key with.

> 4. Use a great tls-cipher that utilizes elliptic curve :
>  TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384  ( ?? )
> 5. Use a great cipher for openvpn data channel:  AES-256-GCM  (openvpn
> 2.4)   ( ?? )

If you use OpenVPN 2.4 on both sides, the crypto will be upgraded to
the strongest one by default.  No need to tie yourself to specific
configuration settings.

From my own client log file, where I do not have --cipher nor
--tls-cipher.  Both sides run a 2.4_rc/git master version.

Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 
bit RSA
Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key

Now, the interesting detail here is that my certificates are not EC
certificates, but it has negotiated ECDHE-RSA-AES256-GCM-SHA384 for the
control channel.  (But EC certificates goes further than just ECDHE and
AES-256-GCM)

For more on the deeper crypto details, I'll leave that to Steffan as he
understands all of this far better.


-- 
kind regards,

David Sommerseth
OpenVPN Technologies, Inc




signature.asc
Description: OpenPGP digital signature
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users