JamesDean

HMAC & RSA Length Upgrade?

Given the recent revelations, is it a valid question to ask if the HMAC should be upgraded to SHA256 or 512, and the RSA keys to 3072 or 4096?

I know nothing on how OpenVPN operates at the low level, but I thought I'd ask.


Hello,

there is no time pressure to move away from RSA 2048-bit size keys. According to some experts (but not all, other experts do not agree), RSA 1024-bit keys are likely to be "breakable" with technologically possible resources in the very near future (a matter of years, or maybe months). RSA 2048-bit keys are unanimously not considered "breakable" until 2030. See references and notes in the Wikipedia article "RSA (algorithm)". Of course we are talking about properly generated RSA keys (i.e. whose prime factors are generated with a random number generator seeded with sufficient entropy) and assuming that no polynomial-time method for factoring large integers on a computer will ever be found (but it must be noted that, while such a method has never been found in decades of research, it has never been proved that such a method does not exist).

About SHA256, SHA512 and Elliptic Curves cryptography, keep in mind that in our configuration HMAC SHA-1 (not SHA-1) is used for tunnel packets authentication, for which we just don't care about collisions, not for tunnel data channel (OpenVPN Data Channel is encrypted with AES-256-CBC cipher). In order to start to attack the underlying SHA-1, an attacker should first find the private key.

Moving to Elliptic Curves cryptography (when OpenVPN supports it natively) is not a totally painless procedure: customers and users will have to upgrade their clients and re-generate every configuration file, while older systems will not be able to handle it with older OpenSSL and OpenVPN versions.

See also:

https://forums.openvpn.net/topic8404.html

Therefore, should the need to move to HMAC SHA512 arise ("attacks always get better, they never get worse"), we will make the procedure as smooth as possible, with overlapping windows, carefully planning it in order not to cut users and customers out of the service.

Kind regards
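The distinction the reply above draws between HMAC SHA-1 and plain SHA-1, as an added example that is not part of the original posts and is not OpenVPN code: it builds HMAC by hand per RFC 2104 to show where the secret key enters, then checks that a receiver rejects altered packets and tags computed without the key. The key, the packet bytes and the tag-then-payload framing are constructed for illustration and are not OpenVPN's wire format.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-1 input block size in bytes

def hmac_sha1_manual(key: bytes, msg: bytes) -> bytes:
    """HMAC as defined in RFC 2104: H((K^opad) || H((K^ipad) || msg))."""
    if len(key) > BLOCK:                 # over-long keys are hashed first
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK, b"\x00")      # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha1(ipad + msg).digest()
    return hashlib.sha1(opad + inner).digest()

def seal(key: bytes, packet: bytes, digest: str = "sha1") -> bytes:
    """Sender side: prepend the HMAC tag (constructed framing)."""
    return hmac.new(key, packet, digest).digest() + packet

def unseal(key: bytes, wire: bytes, digest: str = "sha1"):
    """Receiver side: return the packet if the tag verifies, else None."""
    n = hashlib.new(digest).digest_size
    tag, packet = wire[:n], wire[n:]
    expected = hmac.new(key, packet, digest).digest()
    return packet if hmac.compare_digest(tag, expected) else None

# Constructed sample values, not taken from any real tunnel.
KEY = bytes(range(20))
PACKET = b"constructed tunnel packet 0001"

def demo() -> dict:
    wire = seal(KEY, PACKET)
    flipped = wire[:-1] + bytes([wire[-1] ^ 0x01])          # payload altered in transit
    unkeyed = hashlib.sha1(b"forged").digest() + b"forged"  # plain SHA-1, no key
    return {
        "genuine": unseal(KEY, wire),
        "tampered": unseal(KEY, flipped),
        "unkeyed_sha1_tag": unseal(KEY, unkeyed),
        "wrong_key": unseal(b"\x00" * 20, wire),
        "tag_len_sha1": len(seal(KEY, PACKET, "sha1")) - len(PACKET),
        "tag_len_sha512": len(seal(KEY, PACKET, "sha512")) - len(PACKET),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Switching the digest argument from `sha1` to `sha512` changes only the tag length per packet (20 to 64 bytes); both ends must agree on the digest, which is why such a change needs a coordinated client and server update.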
