year = 2008,
month = jul,
}
+
+
+
+@book{katz2008introduction,
+ title={Introduction to modern cryptography},
+ author={Katz, J. and Lindell, Y.},
+ isbn={9781584885511},
+ lccn={2007017861},
+ series={Chapman and Hall/CRC Cryptography and Network Security Series},
+ url={http://books.google.at/books?id=WIc\_AQAAIAAJ},
+ year={2008},
+ publisher={Chapman \& Hall/CRC}
+}
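Review bot: the key katz2008introduction added here is added a second time, field for field, in the other bibliography hunk of this patch (the one that follows the entry ending in note = {Accessed 2013-12-06}). If both places end up in the same bibliography, BibTeX will report a repeated entry, so keep the entry in one place only. The three empty added lines ahead of the entry can be reduced to one.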
\usepackage{fancyvrb}
\usepackage{listings}
+
\usepackage{gitinfo}
% custom changes:
%%\subsection{Architectural overview }
+This section defines some terms which will be used throughout this guide.
+
+
A cipher suite is a standardised collection of key exchange algorithms, encryption
algorithms (ciphers) and Message authentication codes (MAC) that provides authenticated
encryption schemes. It consists of the following components:
``An (interactive) key exchange protocol is a method whereby parties who do not
share any secret information can generate a shared, secret key by communicating
over a public channel. The main property guaranteed here is that an
-eavesdropping adversary who sees all the messages sent over the communication
-line does not learn anything about the resulting secret key.'' {1}
-Katz, Lindell Introduction to Modern cryptography
-Example: DH ECDH DHE ECDHE RSA
+eavesdroppin adversary who sees all the messages sent over the communication
+line does not learn anything about the resulting secret key.'' \cite{katz2008introduction}
+
+Example: \texttt{DHE}
\item{Authentication:}
The client authenticates the server by its certificate. Optionally the server
may authenticate the client certificate.
-Example: RSA ECDSA DSA
+
+Example: \texttt{RSA}
\item{Cipher:}
The cipher is used to encrypt the message stream. It also contains the key size
and mode used by the suite.
-Example: AES128 AES128\_GCM Camellia128
+
+Example: \texttt{AES256}
\item{Message authentication code (MAC):}
A MAC ensures that the message has not been tampered with (integrity).
-Examples: SHA256 SHA384 SHA
-\todo{find a good visualisation for a cipher suite composition}
+Examples: \texttt{SHA256}
+
+
+\begin{figure}[h]
+\makebox[\textwidth]{
+\framebox[1.1\width]{ \texttt{DHE} }--\framebox[1.1\width]{ \texttt{RSA} }--\framebox[1.1\width]{ \texttt{AES256} }--\framebox[1.1\width]{ \texttt{SHA256} } }
+\caption{Composition of a typical cipher string}
+\end{figure}
+
\item{Authenticated encryption scheme:}
An encryption scheme which provides for confidentiality, integrity and authenticity.
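Review bot: the replacement line for the Katz/Lindell quotation reads "eavesdroppin adversary", where the line it replaces had "eavesdropping"; this is a verbatim quote now backed by \cite{katz2008introduction}, so restore the spelling. Two smaller points in the same hunk: the MAC item still says "Examples:" for a single value where the other three items say "Example:", and the figure caption speaks of a "cipher string" where the surrounding text defines a "cipher suite". The figure is also inserted between the MAC item and the "Authenticated encryption scheme" item; placing it after the list would keep the items together.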
\begin{itemize}
\item OpenVPN 2.3.2 from Debian ``wheezy-backports'' linked against openssl (libssl.so.1.0.0)
-\item OpenVPN 2.2.1 from Debian 7.0 linked against openssl (libssl.so.1.0.0)
+\item OpenVPN 2.2.1 from Debian 7.0 linked against openssl
+ (libssl.so.1.0.0)
+\item OpenVPN 2.3.2 for Windows
\end{itemize}
\item[Settings:] \mbox{}
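Review bot: the added item "OpenVPN 2.3.2 for Windows" does not say which SSL library the build is linked against, while both Debian items name openssl (libssl.so.1.0.0). Since the supported cipher suites depend on that library, add the same detail for the Windows build. Re-wrapping the unchanged 2.2.1 item onto two lines only adds noise to the diff.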
% # TLS Authentication
% tls-auth ta.key
+% previous:
+% tls-cipher
+% ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:AES256-SHA
+% the cipherlist here is config B without the ECDHE strings, because
+% it must fit in 256 bytes...
\begin{lstlisting}[breaklines]
-tls-cipher ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:AES256-SHA
+tls-cipher DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
cipher AES-256-CBC
auth SHA384
# generate with 'openssl dhparam -out dh2048.pem 2048':
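Review bot: the last four entries of the new tls-cipher value (CAMELLIA256-SHA, AES256-SHA, CAMELLIA128-SHA, AES128-SHA) carry no DHE prefix, so they fall back to RSA key exchange without forward secrecy, and three of them are new in this change. The comment above the listing says the ECDHE entries were cut so the line fits in 256 bytes, yet the new line leaves only a few characters of headroom under that limit because of these additions. Please state in the comment why the static-RSA fallbacks are kept, or drop them and use the space for stronger entries. The "% previous:" copy of the old value is not needed; the removed line already records it.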
The \verb|cipher| and \verb|auth| directives have to be identical.
\begin{lstlisting}[breaklines]
-tls-cipher ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:AES256-SHA
+tls-cipher DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
cipher AES-256-CBC
auth SHA384
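Review bot: the client listing receives the same twelve-entry tls-cipher string as the server, directly under the context sentence saying that cipher and auth have to be identical. Readers will assume the same holds for tls-cipher, although the TLS handshake only needs the two lists to share a suite. A sentence saying so, and that the server and client lists are kept in sync here for simplicity, would make later edits to one of the two listings less error-prone. The remark about the non-DHE fallback entries in the server listing applies here as well.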
section \ref{section:recommendedciphers} directly from 2.3.1 on, which
is why we give an explicit cipher list here.
+In addition, there is a 256 character limit on configuration file line
+lengths; that limits the size of cipher suites, so we dropped all
+ECDHE suites.
+
The configuration shown above is compatible with all tested versions.
\item[References:] \mbox{}\\
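Review bot: in the added paragraph, "that limits the size of cipher suites" should say that the limit restricts the length of the cipher list passed to tls-cipher; a single suite name is never the problem. The source comment added above the server listing gives the limit as 256 bytes while this paragraph says 256 characters, so pick one wording. Since the paragraph justifies dropping all ECDHE suites, it should also tell the reader what was kept in exchange, namely the additional 128-bit and non-DHE entries.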
\item[Limitations:] \mbox{}
-OpenVPN has a 256 character limit on configuration file line lengths;
-that limits then length of cipher suites.
-
Note that the ciphersuites shown by \verb|openvpn --show-tls| are {\it
known}, but not necessarily {\it
supported} \footnote{\url{https://community.openvpn.net/openvpn/ticket/304}}.
+Which cipher suite is actually used can be seen in the logs:
+
+\verb|Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA256-SHA, 2048 bit RSA|
\end{description}
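Review bot: the added log example shows TLSv1 with DHE-RSA-CAMELLIA256-SHA, which is the fifth entry of the tls-cipher list in this patch; the four entries ahead of it are GCM or SHA256/SHA384 suites that require TLS 1.2, so a TLSv1 session cannot select them. A sentence explaining this would stop readers from concluding that the preference order is being ignored, and it ties in with the preceding note that listed suites are known but not necessarily supported. Please also say at which verb level the "Control Channel" line is logged, and note that the long \verb line cannot be broken and is likely to run into the margin; a breaking lstlisting, as used for the configuration, would avoid that.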
note = {Accessed 2013-12-06},
}
+@book{katz2008introduction,
+ title={Introduction to modern cryptography},
+ author={Katz, J. and Lindell, Y.},
+ isbn={9781584885511},
+ lccn={2007017861},
+ series={Chapman and Hall/CRC Cryptography and Network Security Series},
+ url={http://books.google.at/books?id=WIc\_AQAAIAAJ},
+ year={2008},
+ publisher={Chapman \& Hall/CRC}
+}
+~
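Review bot: the last added line of this hunk is a lone "~" after the closing brace of the entry. BibTeX ignores text outside entries, so it does no harm, but it looks like an editor artefact and should be removed. See also the duplicate of this katz2008introduction entry in the first bibliography hunk of the patch.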