Jump to content
Not connected, Your IP: 3.138.183.117
AirVPN
Sign in to follow this  
Followers 0
44blablabla

[feature request] support for multiple certificates

By 44blablabla, 01/06/2015 in General & Suggestions

Recommended Posts

44blablabla    2

44blablabla
Posted 01/06/2015

It would be awesome if the client area had an option to regenerate the client certificate (in case it leaked) and to generate multiple certificates. This would allow the usage of a seperate unique certificate for every of the 3 possible parallel connections.

The rationale behind this is that I don't trust my android cell phone but still would like to be able to use airvpn on my android. With multiple certificates that would be possible without risking the privacy of the other vpn connections.

Share this post

Link to post

zhang888    1066

zhang888
Posted 01/06/2015

Air uses TLS authentication which means Perfect Forward Secrecy is enabled.

In such setup, even if an adversary captures your traffic and saves it, and then obtains your certificates and keys in any way, the traffic cannot be decrypted in a reasonable timeframe.

 

That means there is no risk to even share your keys with others (if you dont mind that they will use the allowed 3 connections, of course)

44blablabla reacted to this

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post

Link to post

44blablabla    2

44blablabla
Posted 01/06/2015

My understanding of perfect forward secrecy might be wrong but I always assumed that it only protects old data, that is traffic which was recorded before the used certificate/private key was captured. But if someone can get the certificate / private key, it should be possible to decode all further communications after this point in time (due to MITM). 

Share this post

Link to post

44blablabla    2

44blablabla
Posted 01/06/2015

Btw are you sure perfect forward secrecy is used? My openvpn says I'm connected using DHE-RSA-AES256-SHA. DH probably means diffie hellman which offers PFS, but RSA does not.

Share this post

Link to post

Staff    10113

Staff
Posted 01/06/2015

Hello,

 

note that your definition of PFS is wrong:

https://en.wikipedia.org/wiki/Forward_secrecy#Perfect_forward_secrecy

 

We confirm to you that our cryptographic setup satisfies the properties of PFS. From your client logs you can see that Data Channel keys (used to encrypt the traffic) are re-negotiated every hour through DHE (Diffie-Hellman Exchange).

 

Kind regards

44blablabla reacted to this

Share this post

Link to post

44blablabla    2

44blablabla
Posted 01/06/2015

Thx for your answers, I think I got it now. So basically a leaked client cert would only allow an attacker to impersonate the clients identity but doesn't result in access to the sessions master key as the parameters used to calculate it are only authenticated, not encrypted, using the private key. This makes PFS even better than I thought it was

Staff reacted to this

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...
We do NOT use cookies to profile or track users.I understandMore information