Greetings,

I've been searching for a way to set up an encrypted SSL connection that doesn't require the use of certificates. Ideally, I'd like to use SSL + SRP as specified in RFC 5054 but, as that isn't yet commonly available, I'd like to fall back to setting up an anonymous but encrypted SSL connection over which I'll manually use SRP for authentication. The SRP portion I have a pretty good handle on, but I'm not quite sure about the anonymous SSL portion. I found an anonymous Diffie-Hellman example by Josue Gomes a while back (http://www.josuegomes.com/dhsample.php) that seems to do exactly what I'd like. However, being anything but a "security guru", I'd appreciate it if someone in the know could clarify a few things for me and let me know if I'm on the right track.
The following few lines are the relevant anonymous Diffie-Hellman calls distilled from Josue's client/server example.

Server:

    int codes;                      /* receives DH_check's result flags */
    DH *dh = DH_new();
    /* Generate DH parameters: prime length in bits (2, as posted), generator 2,
       no progress callback */
    DH_generate_parameters_ex(dh, 2, DH_GENERATOR_2, 0);
    /* Sanity-check the generated parameters; problems are reported as bit
       flags in codes */
    DH_check(dh, &codes);
    /* Generate the server's private/public DH key pair */
    DH_generate_key(dh);
    /* Hand the parameters to the SSL context for ephemeral (here anonymous) DH */
    SSL_CTX_set_tmp_dh(ctx, dh);
    /* Restrict the context to the anonymous DH cipher suite */
    SSL_CTX_set_cipher_list(ctx, "ADH-AES256-SHA");

Client:

    SSL_CTX_set_cipher_list(ctx, "ADH-AES256-SHA");

For the most part, this looks pretty straightforward. I was wondering, though, if the manual DH generation is actually necessary. I was under the (mistaken?) impression that the DH keys were automatically generated by OpenSSL. Assuming that I do, in fact, need to generate them manually, are the generation parameters used here considered sufficient for general-purpose use, or would an alternative set be preferable? Also, the "DH_check" seems odd. Is it possible for DH_generate_parameters_ex to fail in such a way that it doesn't return an error code but that DH_check will catch?

I've successfully implemented an OpenSSL client/server pair using the key lines mentioned above. However, the first rule in security is "if you don't know what you're doing, get input from someone who does". I most certainly don't know what I'm doing here and would greatly appreciate a critique of this approach.

Regards,
Tom Cocagne

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
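As an added illustration (not part of Tom's post, of Josue's sample, or of OpenSSL itself), the following pure-Python model reproduces what the server-side calls above compute. `generate_parameters` mirrors DH_generate_parameters_ex: a safe prime p, requested with p == 11 (mod 24) for generator 2 and p == 3 (mod 10) for generator 5, which are the (add, rem) values OpenSSL's dh_gen.c passes to BN_generate_prime_ex. `check_parameters` mirrors the flags DH_check ORs into `codes` (generator residue test, p prime, (p-1)/2 prime), and `anonymous_exchange` runs both sides of the unauthenticated key agreement and the peer-value range check OpenSSL exposes as DH_check_pub_key. Miller-Rabin stands in for BN_is_prime_ex; the 8-bit minimum size, the function names and the hand-picked small primes in the usage section are this example's own assumptions, and nothing here asserts how OpenSSL behaves for tiny parameter sizes.

```python
"""Pure-Python model of DH_generate_parameters_ex / DH_check / DH_generate_key /
DH_compute_key.  Added illustration only; this is not OpenSSL code."""
import random
import secrets

# Bit flags DH_check() ORs into its `codes` argument (values as in OpenSSL's dh.h).
DH_CHECK_P_NOT_PRIME = 0x01
DH_CHECK_P_NOT_SAFE_PRIME = 0x02
DH_UNABLE_TO_CHECK_GENERATOR = 0x04
DH_NOT_SUITABLE_GENERATOR = 0x08

# (add, rem) requested of the prime for the built-in generators: p == rem (mod add).
# DH_check() tests the matching condition; any other generator gets only "p odd".
_RESIDUE = {2: (24, 11), 5: (10, 3)}
_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rounds=32):
    """Miller-Rabin test, standing in for BN_is_prime_ex()."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:          # trial division settles every n <= 37
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_parameters(prime_len, generator):
    """Model of DH_generate_parameters_ex(): (p, g) with p a safe prime of prime_len
    bits.  This model refuses sizes below 8 bits so the search terminates (an
    assumption of the example, not a statement about OpenSSL)."""
    if generator <= 1:
        raise ValueError("bad generator")
    if prime_len < 8:
        raise ValueError("prime_len too small for this model")
    add, rem = _RESIDUE.get(generator, (2, 1))
    while True:
        p = secrets.randbits(prime_len) | (1 << (prime_len - 1))
        p -= (p - rem) % add          # force p == rem (mod add)
        if p.bit_length() != prime_len:
            continue
        # q = (p - 1) / 2 must itself be prime: that is what makes p "safe".
        if is_probable_prime((p - 1) // 2) and is_probable_prime(p):
            return p, generator


def check_parameters(p, g):
    """Model of DH_check(): the flags it would set in `codes` (0 means clean)."""
    codes = 0
    if g == 2:
        if p % 24 != 11:
            codes |= DH_NOT_SUITABLE_GENERATOR
    elif g == 5:
        if p % 10 not in (3, 7):
            codes |= DH_NOT_SUITABLE_GENERATOR
    else:
        codes |= DH_UNABLE_TO_CHECK_GENERATOR
    if not is_probable_prime(p):
        codes |= DH_CHECK_P_NOT_PRIME
    elif not is_probable_prime((p - 1) // 2):
        codes |= DH_CHECK_P_NOT_SAFE_PRIME
    return codes


def generate_key(p, g):
    """Model of DH_generate_key(): private exponent x and public value g^x mod p."""
    x = secrets.randbelow(p - 3) + 2   # 2 <= x <= p - 2
    return x, pow(g, x, p)


def check_pub_key(p, y):
    """Range check on a peer's value (rejects 0, 1, p-1 and out-of-range), as
    DH_check_pub_key() does.  With anonymous DH this is all the scrutiny a peer gets."""
    return 1 < y < p - 1


def compute_key(p, peer_pub, priv):
    """Model of DH_compute_key(): shared secret peer_pub^priv mod p."""
    if not check_pub_key(p, peer_pub):
        raise ValueError("degenerate peer public value")
    return pow(peer_pub, priv, p)


def anonymous_exchange(p, g):
    """Both sides of an anonymous DH exchange -> (server_secret, client_secret).
    Nothing ties either public value to an identity; that gap is what the
    SRP layer in the post is meant to close."""
    srv_priv, srv_pub = generate_key(p, g)
    cli_priv, cli_pub = generate_key(p, g)
    return compute_key(p, cli_pub, srv_priv), compute_key(p, srv_pub, cli_priv)


if __name__ == "__main__":
    p, g = generate_parameters(64, 2)
    print("p=%#x g=%d DH_check codes=%#x" % (p, g, check_parameters(p, g)))
    # Hand-constructed parameter sets the checks reject:
    print("p=23 g=2 ->", hex(check_parameters(23, 2)))   # safe prime, but 23 % 24 != 11
    print("p=15 g=2 ->", hex(check_parameters(15, 2)))   # not prime at all
    s, c = anonymous_exchange(p, g)
    print("shared secrets agree:", s == c)
```

The constants 11, 23, 13 and 15 in the usage section are constructed inputs: 11 and 59 pass every check for g = 2, 23 is a safe prime that fails only the residue test, 13 fails the safe-prime test, 15 fails the primality test, and any generator other than 2 or 5 yields DH_UNABLE_TO_CHECK_GENERATOR regardless of p.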