Jump to content
Not connected, Your IP: 13.58.18.135
Sign in to follow this  
JamesDean

HMAC & RSA Length Upgrade?

Recommended Posts

Given the recent revalations, is it a valid question to ask if the HMAC should be upgraded to SHA256 or 512, and the RSA keys to 3072 or 4096?

 

I know nothing on how OpenVPN operates at the low level, but I thought I'd ask.

Share this post


Link to post

Hello,

 

there is no time pressure to move away from RSA 2048-bit size keys. According to some experts (but not all, other experts do not agree), RSA 1024-bit keys are likely to be "breakable" with technologically possible resources in the very near future (a matter of years, or maybe months). RSA 2048-bit keys are unanimously not considered "breakable" until 2030. See references and notes in the Wikipedia article "RSA (algorithm)". Of course we are talking about properly generated RSA keys (i.e. whose prime factors are generated with a random number generator seeded with sufficient entropy) and assuming that no polynomial-time method for factoring large integers on a computer will ever be found (but it must be noted that, while such method has never been found in decades of research, it has never been proved that such method does not exist).

 

About SHA256, SHA512 and Elliptic Curves cryptography, keep in mind that in our configuration HMAC SHA-1 (not SHA-1) is used for tunnel packets authentication, for which we just don't care about collisions, not for tunnel data channel (OpenVPN Data Channel is encrypted with AES-256-CBC cipher). In order to start to attack the underlying SHA-1, an attacker should first find the private key.

 

Moving to Elliptic Curves cryptography (when OpenVPN will support it natively) is not a totally painless procedure, customers and users will have to upgrade their clients and re-generate every configuration file, while older systems will not be able to handle it with older OpenSSL and OpenVPN versions.

 

See also:

 

https://forums.openvpn.net/topic8404.html

 

Therefore, should the need to move to HMAC SHA512 arise ("attacks always get better, they never get worse"), we will make the procedure as smooth as possible, with overlapping windows, carefully planning it in order not to cut out of the service users and customers.

 

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...