Hi, I fully agree with Steffan. An extra check you can throw in is to check the client and server side certificates, as well as the CA certificate. The server certificate may be signed using RSA4096 but if other certificates in the chain are weaker then this offers little protection. You can check the cipher strength of the CA certificate by writing the CA blob
<ca> -----BEGIN CERTIFICATE----- Large chunks of alphanumeric text -----END CERTIFICATE----- </ca> to a file and then run openssl x509 -text -noout -in cert.pem | grep 'Public' If you see a 1024 public key in the chain then I'd worry; 2048 bit certificates are fine. JM2CW, JJK On 14/12/16 21:06, Steffan Karger wrote: > Hi, > > On 14-12-16 17:31, Sebastian Rubenstein wrote: >> I hope that some experts here will be able to tell me if my VPN provider >> uses weak encryption standards with regards to encryption/decryption of >> control channel authentication and data channel? Thanks. >> >> Below is a sample of a redacted config file: >> >> tls-client > This means you're using TLS for forward secrecy, and are refreshing you > data channel keys (at least) hourly. That's good. > >> remote-cert-tls server > You are checking that you are connecting to someone with a *server* > certificate (so not just some other client pretending to be a server). > >> cipher AES-256-CBC >> auth SHA512 > You are using AES-256-CBC for data channel encryption, which is very > strong, and HMAC-SHA512 for data channel authentication, which is very > strong too (frankly, overly strong. SHA256 gives you 32 bytes per > packet overhead instead of 64, and is also very strong). > >> key-direction 1 >> <tls-auth> >> # >> # 2048 bit OpenVPN static key >> # >> -----BEGIN OpenVPN Static key V1----- >> >> Large chunks of alphanumeric text >> >> -----END OpenVPN Static key V1----- >> </tls-auth> > You're using TLS-auth to protect against mitm attacks on your TLS > connection, which is very good. key-directing 1 means you are using > different keys for client-server and server-client traffic, which is > good too. > >> Wed Dec 7 08:27:57 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 >> ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA > Your private key is RSA-4096, which is plenty strong too. You might > want to consider elliptic curve certificates to gain some connection > setup speed, but you will probably not gain any extra security by that. > > So, all in all, very decent setup. Once you move to OpenVPN 2.4 (which > is nearing release), you switch from --tls-auth to --tls-crypt for some > "poor-man's" post-quantum security, and use AES-256-GCM for more > efficiency on the data channel. > > -Steffan > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, SlashDot.org! http://sdm.link/slashdot > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
