
Is AirVPN affected by the fact that SHA1 has been made insecure?


AirVPN uses SHA1 to hash clients' VPN keys and servers' keys. Nothing else. Authentication digests for OpenVPN Data and Control Channel are HMAC SHA1 (or HMAC SHA384) where the mentioned problem is obviously irrelevant, not applicable.

Some servers' keys already use SHA512. A complete migration is due in some weeks.

Users will soon be able to regenerate directly a brand new set of features on devices management, currently under testing.

It would cost around $500,000-$800,000 to replicate the computational effort Google did to find one SHA1 collision.

Even if anyone wants to try it, the worst damage he/she can do is using the VPN access subscription of the targeted user. A regular subscription is astronomically cheaper.

 

It would not even affect the ability to decrypt targeted user data or log in website. Not realistic.

 

Kind regards

Share this post


Link to post

Does this mean we will be able to regenerate our certs in an upcoming version of Eddie? 

Share this post


Link to post

Ok, I'm going to play devil's advocate on this one just because I think it's a bit naive to just ignore the ability to now attack SHA1.

 

What you say is true, at $500K-$800K, there is certainly a barrier/disincentive for the average person doing average things with a VPN connection.  For those people, this is out, obviously.  You'd just buy your own sub and use it.  Let's ignore the fact that with spot instances, etc. it was said that it could be done as cheaply as $110K on AWS.  Irrelevant for the average person anyways as it's still way too much.

 

But what if you aren't an average person?  What if you're, as Donald Trump would say, "a real bad dude"?  As you said, the worst that can happen is someone can gain access to another user's VPN account here.  Well, as much as I trust AirVPN -- and I do -- if one of America's fine 3 lettered agencies came running to you and showed you proof that an active user of your service was in the middle of planning a plot to <fill in your worst nightmare here>, I'd have to believe that if that blank is bad enough, you're going to turn over whatever info you have pertaining to that active session, right (I hope)?

 

Well, here's hoping the "bad dude" didn't randomly (or otherwise) pick my vpn account to hack into.

 

The plausibility of all of this?  Negligible, undoubtedly.  But now that SHA1 is proven insecure, definitely not impossible because if you're willing to fill in the blank above with something that awful, what's a million bucks or so?  Probably not much in the scheme of things.

 

[ok, conspiracy cap is now off.]

Share this post


Link to post

 

Totally not related, this is not about ignoring the issue because of the high costs to break SHA1.

The fact is that HMAC-SHA1 is totally different than SHA1, and cannot be used to attack any part of the infrastructure even with your suggested millions.

 

This question was already answered, you can continue the discussion in this similar thread:

https://airvpn.org/topic/21914-encryption-algorithm-solved/


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post
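An added example, not part of the original posts, illustrating the distinction drawn above between a collision on the bare hash and HMAC keyed with a secret. It assumes a toy hash (SHA-1 truncated to 24 bits, so a collision is cheap to find) and a constructed key; `toy_hash`, `hmac_over`, `find_collision` and `compare` are hypothetical names.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-1 block size in bytes
KEY = bytes(range(20))  # constructed secret key, unknown to whoever searches for collisions


def sha1_full(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def toy_hash(data: bytes) -> bytes:
    # SHA-1 cut to 24 bits so a collision is cheap to find (demo assumption)
    return sha1_full(data)[:3]


def hmac_over(hash_fn, key: bytes, msg: bytes) -> bytes:
    # RFC 2104: H((K xor opad) || H((K xor ipad) || msg))
    if len(key) > BLOCK:
        key = hash_fn(key)
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return hash_fn(opad + hash_fn(ipad + msg))


def find_collision():
    # Birthday search: two distinct constructed messages with the same toy hash
    seen = {}
    counter = 0
    while True:
        msg = b"constructed-message-%d" % counter
        digest = toy_hash(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg
        counter += 1


def compare():
    m1, m2 = find_collision()
    return {
        "plain_collides": toy_hash(m1) == toy_hash(m2),
        "hmac_collides": hmac_over(toy_hash, KEY, m1) == hmac_over(toy_hash, KEY, m2),
        "matches_stdlib": hmac_over(sha1_full, KEY, m1) == hmac.new(KEY, m1, hashlib.sha1).digest(),
    }


if __name__ == "__main__":
    print(compare())
```

The colliding pair was computed without the key, so the keyed inner hash sees different inputs and the tags diverge; `matches_stdlib` confirms that `hmac_over` is the same construction Python's `hmac` module uses for HMAC-SHA1.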

Totally wrong. You can't access another user account. You can use the connection slots of that account (which, from a key, you obviously don't know anything of). And what's the point of performing a huge job, spending up to 800'000 USD, when you can have three connection slots for 54 EUR per year? When a successful collision attack costs less than 54 EUR, then it will become more attractive than a regular subscription. By that time, though, all of our servers (and not only some) and clients will already have keys and certificates signed with SHA512. Actually, the upgrade will be completed in a matter of a few weeks, even if currently it is technically useless.

 

About OpenVPN Data and Control channels authentication ciphers, it is HMAC SHA1, which is not SHA1. See zhang's answer and link for more details.

 

Share this post


Link to post

My take on this, per staff, is that there is conversion to SHA512 underway over the next few weeks. There is no critical urgency to convert immediately as they said HMAC-SHA1 is in use which is different than SHA1. I have to say that I'm impressed with AirVPN implementations, in good time, of features and protocols that are not only in the best interest for their business, but also for their customers. Nice!

Share this post


Link to post

In the near future there will be NO shift from HMAC SHA1 to HMAC SHA512. There is no reason for it.

 

The change has been on some servers from SHA1 to SHA512 for VPN keys. All the other servers will be upgraded in a few weeks. Again, this has nothing to do with OpenVPN Data and Control channels authentication cipher, which is HMAC SHA, not SHA.

 

Kind regards

Share this post


Link to post

Please stay strong AirVPN, the earth's people need privacy from the terrorists,

I don't mean al-Qaeda or ISIS, who were created by the CIA

Share this post


Link to post
