Configure OpenSSL to prefer cryptosystems with PFS over any other. #88

virtadpt opened this Issue Jan 28, 2012 · 3 comments


None yet

1 participant

Project Byzantium member

Google contributed code to OpenSSL which implements PFS (Perfect Forward Secrecy). We should see if the build of OpenSSL in Porteus Linux has that code (I suspect that it does not), and if not consider what would go into upgrading to a version that does. There does not appear to be any settings in /etc/ssl/openssl.cnf pertaining to cryptosystems used or preferred; traditionally that's in the config files of the apps linked against OpenSSL (e.g., Apache).

For our threat model PFS is a must - it's assumed that attackers will be recording all traffic on the mesh, and as much traffic as feasible will be strongly encrypted by default. However, without PFS an attacker can potentially seize a node, extract keying material, and use it to decrypt the captured traffic. With PFS the attacker won't be able to do that to any but currently active streams; streams that have terminated will be safe because the keying information won't exist anymore. Nodes won't be using swap space on disk by default (nor will most of them even have any) so that isn't a risk.

I/O Error maintains a repository of configuration files ( that are preconfigured for strong crypto with PFS, we should consider making use of those settings.

We should also determine how much extra load that'll put on the node, which will translate under some circumstances into increased battery drain.

Project Byzantium member

Version of OpenSSL packaged with Porteus v1.1: v0.9.8r.

Version of OpenSSL with PFS support: v1.0.0, tested with the command openssl ciphers ECDH

Porteus v1.1 doesn't support PFS. So, we can either compile the latest and greatest version of OpenSSL (or see if one of the Porteus devs has done so already) and potentially have to recompile and re-link everything. We might also be able to get away with putting two copies of the OpenSSL suite into the distro and running them in parallel. It'll work but it's messy, and it'll be difficult to keep track of which rev of OpenSSL app /x/ is referencing at any given time.


Project Byzantium member

Definitely of relevance:

We need to test with Porteus v1.2.

Project Byzantium member


@virtadpt virtadpt closed this May 3, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment