Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Configure OpenSSL to prefer cryptosystems with PFS over any other. #88

Closed
virtadpt opened this Issue · 3 comments

1 participant

The Doctor
The Doctor
Owner

Google contributed code to OpenSSL which implements PFS (Perfect Forward Secrecy). We should see if the build of OpenSSL in Porteus Linux has that code (I suspect that it does not), and if not consider what would go into upgrading to a version that does. There does not appear to be any settings in /etc/ssl/openssl.cnf pertaining to cryptosystems used or preferred; traditionally that's in the config files of the apps linked against OpenSSL (e.g., Apache).

For our threat model PFS is a must - it's assumed that attackers will be recording all traffic on the mesh, and as much traffic as feasible will be strongly encrypted by default. However, without PFS an attacker can potentially seize a node, extract keying material, and use it to decrypt the captured traffic. With PFS the attacker won't be able to do that to any but currently active streams; streams that have terminated will be safe because the keying information won't exist anymore. Nodes won't be using swap space on disk by default (nor will most of them even have any) so that isn't a risk.

I/O Error maintains a repository of configuration files (https://github.com/ioerror/duraconf) that are preconfigured for strong crypto with PFS, we should consider making use of those settings.

We should also determine how much extra load that'll put on the node, which will translate under some circumstances into increased battery drain.

The Doctor
Owner

Version of OpenSSL packaged with Porteus v1.1: v0.9.8r.

Version of OpenSSL with PFS support: v1.0.0, tested with the command openssl ciphers ECDH

Porteus v1.1 doesn't support PFS. So, we can either compile the latest and greatest version of OpenSSL (or see if one of the Porteus devs has done so already) and potentially have to recompile and re-link everything. We might also be able to get away with putting two copies of the OpenSSL suite into the distro and running them in parallel. It'll work but it's messy, and it'll be difficult to keep track of which rev of OpenSSL app /x/ is referencing at any given time.

Reference: http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html

The Doctor
Owner

Definitely of relevance: https://github.com/ioerror/duraconf/blob/master/configs/apache2/https-hsts.conf

We need to test with Porteus v1.2.

The Doctor
Owner

Done.

The Doctor virtadpt closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.