wiki:CipherNegotiation

Version 27 (modified by tct, 4 years ago)

OpenVPN Cipher Negotiation (Quick reference)

This wiki defines the expected behaviour of Cipher Negotiation between common configurations of OpenVPN servers and clients.

For full details please see:
https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/cipher-negotiation.rst

Effective directives

  2.5: --data-ciphers ALG:ALG          Data channel ciphers. Default ALG AES-256-GCM:AES-128-GCM
  2.5: --data-ciphers-fallback ALG     Fallback data channel cipher (used for clients that cannot negotiate).
  All: --cipher ALG                    Data channel cipher. Will be deprecated.

  In OpenVPN 2.5 --cipher does not have a default ALG.
  In OpenVPN up to 2.4 the default ALG is BF-CBC.

  2.4: --ncp-disable                   Disable NCP. Deprecated.

Common configurations

Commonly expected configurations of the Effective directives above.

Servers

  • Version 2.5
    1. Default configuration: No effective directives specified.
    2. Configuring:
      --data-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC
      --cipher BF-CBC
  • Version 2.4
    1. Default configuration: No effective directives specified.
    2. Configuring: --cipher
    3. Configuring: --cipher and --ncp-disable
  • Version 2.3
    1. Default configuration: No effective directives specified.
    2. Configuring: --cipher
  • Version 2.2
    1. Default configuration: No effective directives specified.
    2. Configuring: All bets are off - Upgrade now!

Clients

  • Version 2.5
    1. Default configuration: No effective directives specified.
  • Version 2.4
    1. Default configuration: No effective directives specified.
    2. Configuring: --cipher
  • Version 2.3
    1. Default configuration: No effective directives specified.
    2. Configuring: --cipher
  • Version 2.2
    1. Default configuration: No effective directives specified.
    2. Configuring: All bets are off - Upgrade now!

Expected Behaviour indexed by Server version

A "-" in a table cell means the directive is not specified. "NCP" states whether the peer can negotiate the data channel cipher; "Connection" gives the outcome and, on success, the data channel cipher that results.

Server version 2.5

Default configuration: No effective directives specified.

  --cipher   --data-ciphers   -fallback   NCP
  -          -                -           Yes

  • Client version 2.5
    --cipher      --data-ciphers   -fallback   NCP   Connection
    -             -                -           Yes   OK. AES-256-GCM
    AES-256-CBC   -                -           Yes   OK. AES-256-GCM
    BF-CBC        -                -           Yes   OK. AES-256-GCM
  • Client version 2.4
    --cipher      NCP   Connection
    -             Yes   OK. AES-256-GCM
    AES-256-CBC   Yes   OK. AES-256-GCM
    BF-CBC        Yes   OK. AES-256-GCM
  • Client version 2.3
    --cipher      NCP   Connection
    -             No    Fail (no shared cipher)
    AES-256-CBC   No    Fail (no shared cipher)
    BF-CBC        No    Fail (no shared cipher)
  • Client version 2.2
    --cipher      NCP   Connection
    -             No    Fail (no shared cipher)
    BF-CBC        No    Fail (no shared cipher)

Server version 2.5 Configuring: --data-ciphers and --cipher

  --cipher   --data-ciphers                        -fallback   NCP
  BF-CBC     AES-256-GCM:AES-128-GCM:AES-256-CBC   -           Yes

  • Client version 2.3
    --cipher      NCP   Connection
    -             No    OK. BF-CBC
    AES-256-CBC   No    OK. AES-256-CBC
    BF-CBC        No    OK. BF-CBC
  • Client version 2.2
    --cipher      NCP   Connection
    -             No    OK. BF-CBC
    BF-CBC        No    OK. BF-CBC

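The following Python model is added here as an illustration; it is not OpenVPN code and not part of this wiki. It encodes the 2.5 server rules summarised above (the --data-ciphers list and its default, --cipher acting as the fallback for clients that cannot negotiate, --data-ciphers-fallback, and which versions support NCP) and re-derives both "Server version 2.5" tables from them. The Peer and negotiate names are the example's own. Two points are assumptions rather than statements on this page: a 2.4 peer's --ncp-ciphers list is treated as the same thing as 2.5's --data-ciphers, and a 2.5 client that sets --cipher without --data-ciphers is modelled as appending that cipher to its default list.

```python
"""Model of data-channel cipher selection by an OpenVPN 2.5 server.

Added example, not OpenVPN code. It encodes the rules the wiki page
summarises for a 2.5 server and replays the page's "Server version 2.5"
rows against them.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional

# 2.5 default --data-ciphers and the pre-2.5 default --cipher, both as given on the page.
DEFAULT_DATA_CIPHERS = ["AES-256-GCM", "AES-128-GCM"]
LEGACY_DEFAULT_CIPHER = "BF-CBC"


@dataclass
class Peer:
    version: str                              # "2.5", "2.4", "2.3" or "2.2"
    cipher: Optional[str] = None              # --cipher (None = not specified)
    data_ciphers: Optional[List[str]] = None  # --data-ciphers (2.5) / --ncp-ciphers (2.4), assumed equivalent
    fallback: Optional[str] = None            # --data-ciphers-fallback (2.5 only)
    ncp_disable: bool = False                 # --ncp-disable (2.4 only)

    def supports_ncp(self) -> bool:
        return self.version in ("2.5", "2.4") and not self.ncp_disable

    def legacy_cipher(self) -> Optional[str]:
        """Cipher used on the non-NCP path: 2.5 has no default, 2.2-2.4 default to BF-CBC."""
        if self.version == "2.5":
            return self.fallback or self.cipher
        return self.cipher or LEGACY_DEFAULT_CIPHER

    def negotiable_ciphers(self) -> List[str]:
        """Ciphers offered in NCP, in preference order.

        Assumption (not stated on the page): when --data-ciphers is not given
        explicitly, a configured --cipher is appended to the default list so
        the peer can still negotiate it.
        """
        if not self.supports_ncp():
            return [c for c in [self.legacy_cipher()] if c is not None]
        offered = list(self.data_ciphers) if self.data_ciphers else list(DEFAULT_DATA_CIPHERS)
        if self.data_ciphers is None and self.cipher and self.cipher not in offered:
            offered.append(self.cipher)
        return offered


def negotiate(server: Peer, client: Peer) -> str:
    """Return the page's 'Connection' column for a 2.5 server and the given client."""
    if server.version != "2.5":
        raise ValueError("this model covers the 2.5 server rows only")
    offered = server.negotiable_ciphers()
    if client.supports_ncp():
        # NCP: the server walks its own list in order and takes the first cipher
        # the client also offers, so the server's preference order wins.
        wanted = client.negotiable_ciphers()
        for alg in offered:
            if alg in wanted:
                return "OK. " + alg
        return "Fail (no shared cipher)"
    # Non-NCP client (2.3/2.2): it can only speak its single --cipher, which the
    # server accepts if it is in --data-ciphers or equals the fallback cipher
    # (--data-ciphers-fallback, or --cipher when that is set instead).
    alg = client.legacy_cipher()
    if alg is not None and (alg in offered or alg == server.legacy_cipher()):
        return "OK. " + alg
    return "Fail (no shared cipher)"


def replay_page_rows() -> Dict[str, str]:
    """Re-derive a selection of the page's 'Server version 2.5' rows from the model."""
    default_srv = Peer("2.5")
    configured_srv = Peer("2.5", cipher="BF-CBC",
                          data_ciphers=["AES-256-GCM", "AES-128-GCM", "AES-256-CBC"])
    return {
        "default/client-2.5": negotiate(default_srv, Peer("2.5")),
        "default/client-2.4-bf": negotiate(default_srv, Peer("2.4", cipher="BF-CBC")),
        "default/client-2.3": negotiate(default_srv, Peer("2.3")),
        "configured/client-2.3": negotiate(configured_srv, Peer("2.3")),
        "configured/client-2.3-cbc": negotiate(configured_srv, Peer("2.3", cipher="AES-256-CBC")),
        "configured/client-2.2-bf": negotiate(configured_srv, Peer("2.2", cipher="BF-CBC")),
    }


if __name__ == "__main__":
    for row, outcome in replay_page_rows().items():
        print(f"{row:28} {outcome}")
```

The model refuses non-2.5 servers on purpose: the 2.4, 2.3 and 2.2 rows further down depend on the older versions' own --cipher checks, which these few rules do not cover. Running the block prints one line per replayed row, and each outcome matches the corresponding table cell above.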
Server version 2.4

Default configuration: No effective directives specified.

  --cipher   --ncp-ciphers   NCP
  -          -               Yes

  • Client version 2.5
    --cipher      --data-ciphers   -fallback   NCP   Connection
    -             -                -           Yes   OK. AES-256-GCM
    AES-256-CBC   -                -           Yes   OK. AES-256-GCM
    BF-CBC        -                -           Yes   OK. AES-256-GCM
  • Client version 2.4
    --cipher      --ncp-ciphers   NCP   Connection
    -             -               Yes   OK. AES-256-GCM
    AES-256-CBC   -               Yes   OK. AES-256-GCM
    BF-CBC        -               Yes   OK. AES-256-GCM
  • Client version 2.3
    --cipher      NCP   Connection
    -             No    OK. BF-CBC
    AES-256-CBC   No    Fail (no shared cipher)
    BF-CBC        No    OK. BF-CBC
  • Client version 2.2
    --cipher      NCP   Connection
    -             No    OK. BF-CBC
    BF-CBC        No    OK. BF-CBC

Server version 2.4 Configuring: --cipher

  --cipher      --ncp-ciphers   NCP
  AES-256-CBC   -               Yes

  • Client version 2.5
    --cipher      --data-ciphers   -fallback   NCP   Connection
    -             -                -           Yes   OK. AES-256-GCM
    AES-256-CBC   -                -           Yes   OK. AES-256-GCM
    BF-CBC        -                -           Yes   OK. AES-256-GCM
  • Client version 2.4
    --cipher      --ncp-ciphers   NCP   Connection
    -             -               Yes   OK. AES-256-GCM
    AES-256-CBC   -               Yes   OK. AES-256-GCM
    BF-CBC        -               Yes   OK. AES-256-GCM
  • Client version 2.3
    --cipher      NCP   Connection
    -             No    Fail (no shared cipher)
    AES-256-CBC   No    OK. AES-256-CBC
    BF-CBC        No    Fail (no shared cipher)
  • Client version 2.2
    --cipher      NCP   Connection
    -             No    Fail (no shared cipher)
    BF-CBC        No    Fail (no shared cipher)

Server version 2.4 Configuring: --cipher and --ncp-disable

  --cipher      --ncp-ciphers   NCP
  AES-256-CBC   -               No

  • Client version 2.5
    --cipher      --data-ciphers   -fallback   NCP   Connection
    -             -                -           Yes   Fail (no shared cipher)
    AES-256-CBC   -                -           Yes   OK. AES-256-CBC
    BF-CBC        -                -           Yes   Fail (no shared cipher)
  • Client version 2.4
    --cipher      --ncp-ciphers   NCP   Connection
    -             -               Yes   Fail (no shared cipher)
    AES-256-CBC   -               Yes   OK. AES-256-CBC
    BF-CBC        -               Yes   Fail (no shared cipher)
  • Client version 2.3
    --cipher      NCP   Connection
    -             No    Fail (no shared cipher)
    AES-256-CBC   No    OK. AES-256-CBC
    BF-CBC        No    Fail (no shared cipher)
  • Client version 2.2
    --cipher      NCP   Connection
    -             No    Fail (no shared cipher)
    BF-CBC        No    Fail (no shared cipher)

Server version 2.3

Default configuration: No effective directives specified.

  --cipher   NCP
  -          No

  • Client version 2.5
    --cipher      --data-ciphers   -fallback   NCP   Connection
    -             -                -           Yes   Fail (no shared cipher)
    AES-256-CBC   -                -           Yes   Fail (no shared cipher)
    BF-CBC        -                -           Yes   OK. BF-CBC
  • Client version 2.4
    --cipher      --ncp-ciphers   NCP   Connection
    -             -               Yes   Fail (no shared cipher)
    AES-256-CBC   -               Yes   Fail (no shared cipher)
    BF-CBC        -               Yes   OK. BF-CBC
  • Client version 2.3
    --cipher      NCP   Connection
    -             No    OK. BF-CBC
    AES-256-CBC   No    Fail (no shared cipher)
    BF-CBC        No    OK. BF-CBC
  • Client version 2.2
    --cipher      NCP   Connection
    -             No    OK. BF-CBC
    BF-CBC        No    OK. BF-CBC

Server version 2.3 Configuring: --cipher

  --cipher      NCP
  AES-256-CBC   No

  • Client version 2.5
    --cipher      --data-ciphers   -fallback   NCP   Connection
    -             -                -           Yes   Fail (no shared cipher)
    AES-256-CBC   -                -           Yes   OK. AES-256-CBC
    BF-CBC        -                -           Yes   Fail (no shared cipher)
  • Client version 2.4
    --cipher      --ncp-ciphers   NCP   Connection
    -             -               Yes   Fail (no shared cipher)
    AES-256-CBC   -               Yes   OK. AES-256-CBC
    BF-CBC        -               Yes   Fail (no shared cipher)
  • Client version 2.3
    --cipher      NCP   Connection
    -             No    Fail (no shared cipher)
    AES-256-CBC   No    OK. AES-256-CBC
    BF-CBC        No    Fail (no shared cipher)
  • Client version 2.2
    --cipher      NCP   Connection
    -             No    Fail (no shared cipher)
    BF-CBC        No    Fail (no shared cipher)

Server version 2.2

Default configuration: No effective directives specified.

  --cipher   NCP
  -          No

  • Client version 2.5
    --cipher      --data-ciphers   -fallback   NCP   Connection
    -             -                -           Yes   Fail (no shared cipher)
    AES-256-CBC   -                -           Yes   Fail (no shared cipher)
    BF-CBC        -                -           Yes   OK. BF-CBC
  • Client version 2.4
    --cipher      --ncp-ciphers   NCP   Connection
    -             -               Yes   OK. BF-CBC
    AES-256-CBC   -               Yes   Fail (no shared cipher)
    BF-CBC        -               Yes   OK. BF-CBC
  • Client version 2.3
    --cipher      NCP   Connection
    -             No    OK. BF-CBC
    AES-256-CBC   No    Fail (no shared cipher)
    BF-CBC        No    OK. BF-CBC
  • Client version 2.2
    --cipher      NCP   Connection
    -             No    OK. BF-CBC
    BF-CBC        No    OK. BF-CBC

Corner case: OpenVPN built with --enable-small

TODO.
Only affects .. ?


And some fun ;-) An early version.

  --cipher          --data-cipher     -fallback         NCP   Expected
  Client   Server   Client   Server   Client   Server
  -        -        -        AES-256-GCM:AES-128-GCM    YES   YES   OK

Even ..