XKeyscore

[JamesDean 10]

The newest article on the US NSA features a presentation that mentions VPN. I figured Air Staff may want to quell the panic

 

The presentation is from 2008, so they could have been talking about decrypting PPTP for all we know, but I found it interesting. I'm attaching the relevant slide as a screen grab.

 

 

 

 

 

[Staff 9972]

Hello,

 

the unsolvable problem for NSA in this case is that our customers client keys for OpenVPN Data Channel encryption are re-negotiated at each new connection AND every 60 minutes (essentially the core of Perfect Forward Secrecy).

 

Customers can also lower the TLS re-keying interval on the client side.

 

Kind regards

[JamesDean 10]

How can I lower the re-keying interval? I just did a search and your reply above was the only result. I just looked at the config and didn't see where to change it.

 

Thanks,

 

JD

[JamesDean 10]

P.S. I'm using OpenVPN proper and embedded certs in the .ovpn config file.

 

JD

[zhang888 1066]

I'm all for a new Russia based server named "Snowden"

 

To your question,

That can not be used in a deterministic way in most countries, since VPNs are also very popular in corporate networks.

 

I guess that the NSA meaning here was to see all VPN communications in countries like Afghanistan or Iraq, where the internet is not very popular

and the usage of VPN can actually help detecting a source of communication.

[NaDre 157]

How can I lower the re-keying interval? I just did a search and your reply above was the only result. I just looked at the config and didn't see where to change it.

 

Thanks,

 

JD

 

https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage

 

I guess it would be "--reneg-sec n"? But the explanation says "set it to 0 on one side of the connection (to disable), and to your chosen value on the other side". Is it zero on the server side?

[JamesDean 10]

whichever uses the lower value will be the one to trigger the renegotiation.

 

Nice find. The server should be set to 3600, so anything lower on our end, should take precedent. I'll wait for staff to confirm, but I'm going to try it now. Thanks mate.

[JamesDean 10]

That was it. In windows, get rid of the two dashes. I set 15 minutes, and it re-keyed:

 

Wed Jul 31 18:48:53 2013 TLS: soft reset sec=0 bytes=2401419/0 pkts=3939/0
Wed Jul 31 18:48:54 2013 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
Wed Jul 31 18:48:54 2013 VERIFY OK: nsCertType=SERVER
Wed Jul 31 18:48:54 2013 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
Wed Jul 31 18:48:56 2013 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Jul 31 18:48:56 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 31 18:48:56 2013 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Jul 31 18:48:56 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 31 18:48:56 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

 

reneg-sec 900

[Staff 9972]

@johndough

 

Yes. Just to explain more to the readers, the client, without any server co-operation, can either disable TLS renegotiation (NOT recommended at all) or set any TLS re-keying period NOT HIGHER than the server setting.  It's not possible that the client set a TLS re-negotiation (if active) to more than the time value set on the server.

 

Our servers are set to 60 minutes, so you can't have TLS re-negotiations higher than 60 minutes.

 

Kind regards