Weasel

SSL SSH encryption key


I was reading that using SSL/SSH doesn't mean anything as the authorities can court order the VPN to provide the encryption key, is that correct?  If so, then I guess I would agree, it is rather useless.  My understanding was the SSL SSH was strictly between the CPU and the destination page.

Share this post


Link to post

Hello Weasel,

 

the encryption key is, to my knowledge, not stored in a way that it could be exploited. And with Perfect Forward Secrecy, there is a new key for every session.  

 

My understanding was the SSL SSH was strictly between the CPU and the destination page.

 

No, the traffic between you and the VPN server is encrypted (too). This is true with UDP and TCP - the encryption is based on OpenSSL.

 

The goal of SSL and SSH is NOT to give you more security in terms of encryption in our case, but to hide from your ISP or from a firewall the fact that you are using a VPN. This is done by encapsulating the OpenVPN traffic in an extra layer that looks like normal SSL or SSH. This may help users from China or some other countries that try to block VPNs. But if you have no need for them, SSL and SSH will just take some extra CPU power without giving you any significant advantage.

 

While SSL and SSH add an extra layer of encryption, this is not necessary, because anyone who could crack the (very strong) encryption used by AIR with UDP and TCP could probably also crack this extra layer. 

Share this post


Link to post

Thanks for your reply.  I always thought using SSL SSH added more security, so if AIRVPN was forced to hand over logs or whatever (yeah they say they don't, but HIA didn't either and we will never know until a court order shows up) the packets would be further encrypted from even their eyes, is that not so?  Thus if it is so, then them having the key would indeed make using SSL SSH to stop prying eyes useless.

Share this post


Link to post

...the packets would be further encrypted from even their eyes, is that not so?

 

Remember that it is the very VPN server itself that is encrypting and decrypting the packets it is sending to you and respectively getting from you. So in principle, it could monitor your traffic before/after encrypting/decrypting it. (AIR always clearly said they could but never would do this.) This is true whatever is done with the session keys later, and whatever protocol is used - e.g. UDP, TCP, SSH, SSL. It’s in the nature of things.

 

If you are using end to end encryption (https, in particular), your traffic is already encrypted BEFORE it arrives at the AIR server (where it is encrypted again if it flows from the server to you). Hence, in this case (end to end encryption), Air or any other VPN provider could only see some metadata (like the source of your packets and your IP), but not the payload/content of the packets itself. However, metadata alone can be very telling.

 

To the best of my knowledge, the encryption keys are not stored on the server, at least not when Perfect Forward Privacy is employed (which is the case for AIR and up-to-date SSL), if everything is configured properly. But as I said, a VPN’s ability to “log” does not depend on keeping any session keys. Concerning this latter issue and privacy, UDP, TCP, SSL and SSH are not different in our use case (SSL and SSH just add an extra layer of encryption that helps to mask OpenVPN traffic).

The substantives “logs” and “log files” usually refer to metadata like the URLs of the domains you have connected to, or your IP, in this context. (It would be very expensive to log all the payload/content, and even be useless in the case of strong end to end encryption.) As a rule, it’s exactly these metadata that some state agency may get if a VPN is keeping “logs” and can be persuaded or compelled to hand them over.

If you want to hide from AIR your data including your metadata, you could perform what they call "partition of trust": using AIR together with a proxy or TOR or another VPN that is not aligned with them. That’s what they recommend if you do not want or cannot afford to trust them, but it's a personal choice.

Share this post


Link to post

If you want to hide from AIR your data including your metadata [typo corrected], you could perform what they call "partition of trust"…

 

This was poor wording from me. I should have said: If you want them to have too little metadata to know what you are doing, you should perform “partition of trust”. See here:

https://airvpn.org/tor/

 

If you were to hide all metadata even from AIR VPN (except how much traffic you are sending and receiving approximately at any given time), you would need three or more independent nodes, and the AIR server should neither be the first nor the last one in this chain. In this case, Air could neither see your real IP nor the real source and destination of your traffic. However, this might be overkill, and even "partition of trust" with only two systems may be just that for the bulk of users (my personal opinion).

AIR promises emphatically that they do not log, and it seems there was not a single (public) case of anybody whose identity was revealed due to a failure of AIR to protect the privacy of their customers in eight years.

Share this post


Link to post

That was a good explanation, thanks for that.  So once again I was totally incorrect on my understanding...old age.  That PERFECT FORWARD SECURITY is what I was thinking of, that each SSL session is a unique key, but as you said AIR can still see inside the packet (correct?)

 

Just reading up on the directives they follow and they seem very clear that they cannot, by law, keep stuff on us:

 

"The addressees are Member States, who should prohibit listening, tapping, storage or other kinds of interception or surveillance of communication and “related traffic”, unless the users have given their consent or conditions of Article 15(1) have been fulfilled."

 

"Data retention and other issues

The directive obliges the providers of services to erase or anonymize the traffic data processed when no longer needed, unless the conditions from Article 15 have been fulfilled.[10] Retention is allowed for billing purposes but only..."

 

"Where data relating to location of users or other traffic can be processed...users must be informed beforehand of the character of information collected and have the option to opt out"

 

SO:  if AIR is keeping stuff on us, according to European law they MUST tell us that they are doing so.  At least that is how I read it.

 

 

***AH HA!  FOUND WHAT I WAS READING!  Someone asked if VPN can read SSL: 

VPNs are not able to decrypt SSL/TLS traffic between the user and sites accessed through the VPN. But since the VPN has access to the SSL/TLS encrypted content it is a position to mount a man-in-the-middle attack.***

Share this post


Link to post

Hello Weasel,

I'm glad to help. (I would just like to draw your attention to my post from 05 June 2018 - 12:02 AM, if you have not yet noticed it, because it was published later.)
 

...but as you said AIR can still see inside the packet (correct?)

 

Let’s put it this way: AIR would not be prevented from seeing your traffic by the encryption you use to communicate with AIR servers. This kind of encryption is just done to exclude any third party and make sure only you and the AIR server can read the traffic.

However, a good encryption independent of AIR (end to end) would exclude AIR from seeing the specific content of your packets – AIR could only get metadata. So for example, if you connect to your bank, your bank will (hopefully) encrypt your traffic securely so that no one between you and your bank (not AIR or anyone else) can read it. In this case, encryption shall ensure that the communication between you and the bank server can only be read by you and your bank. So, if you are using end to end encryption, there are (at least) two layers of encryption: one to protect the communication between you and AIR from interception, and one to protect the communication between you and your bank from anyone else (including AIR).

 

SO:  if AIR is keeping stuff on us, according to European law they MUST tell us that they are doing so.  At least that is how I read it.

I’m not a lawyer, but this seems to be the case to me. Further, they clearly state that they do not log – thus doing otherwise would certainly constitute a violation of terms and conditions and be illegal in Italy and the EU.
 

But since the VPN has access to the SSL/TLS encrypted content it is a position to mount a man-in-the-middle attack.

In principle, everybody who is between you and your destination server could try to perform such an attack (for example, your ISP and internet backbones). However, this should normally not work because of certificates as long as there are no severe vulnerabilities:

 

https://medium.com/ssl-dragon/ssl-certificates-vs-man-in-the-middle-attacks-2871ac5b2b6b

 

Share this post


Link to post
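The two layers discussed in this thread (tunnel encryption between user and VPN server, end-to-end encryption between user and destination), as an added example that is not part of the original posts. The cipher is a toy stand-in built from HMAC-SHA256 so the script runs with the standard library only; the keys, the host `bank.example`, the request and all function names are assumptions made up for the demonstration.

```python
import hashlib, hmac, json, os

# Toy authenticated cipher (HMAC-SHA256 keystream, encrypt-then-MAC) standing in
# for the real TLS and OpenVPN ciphers. Illustration only, not for production.
def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    stream = b"".join(_sub(key, nonce + i.to_bytes(4, "big"))
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + _sub(_sub(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _sub(_sub(key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or tampered data")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def tunnel_send(vpn_key, dst, payload):
    """Client side: wrap a packet (destination + payload) in the VPN layer."""
    packet = json.dumps({"dst": dst, "payload": payload.hex()}).encode()
    return seal(vpn_key, packet)

def vpn_server_view(vpn_key, wire):
    """What the VPN server holds after removing its own layer."""
    packet = json.loads(unseal(vpn_key, wire))
    return packet["dst"], bytes.fromhex(packet["payload"])

def can_read(key, blob):
    try:
        unseal(key, blob)
        return True
    except ValueError:
        return False

# Constructed sample data: keys and request are made up for the demonstration.
VPN_KEY, BANK_KEY = os.urandom(32), os.urandom(32)
REQUEST = b"POST /transfer amount=100"

def demo():
    http_wire = tunnel_send(VPN_KEY, "bank.example", REQUEST)  # no end-to-end layer
    https_wire = tunnel_send(VPN_KEY, "bank.example", seal(BANK_KEY, REQUEST))
    return vpn_server_view(VPN_KEY, http_wire), vpn_server_view(VPN_KEY, https_wire)
```

In both cases the server learns the destination; only in the first case does it also hold the readable request.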
