DUHK attack and OpenVPN


October 24, 2017 Shaanan Cohney, Nadia Heninger and Matthew D. Green released Practical state recovery attacks against legacy RNG implementations (PDF) which have been known as the DUHK attack: Don't Use Hard-coded Keys. This relates in particular to a Random Number Generator (RNG) algorithm known as ANSI X9.31 RNG.

The ANSI X9.31 RNG has been deprecated as part of the FIPS specification as of January 2016 and is further discouraged elsewhere too.

How is OpenVPN affected?

OpenVPN is not affected by DUHK. All random number generation in OpenVPN is based upon the SSL/TLS libraries and, to our knowledge, neither OpenSSL nor mbed TLS depends on the ANSI X9.31 RNG algorithm. Further, OpenVPN does not use or deploy any hard-coded keys or seeds for the RNG. And both OpenSSL and mbed TLS libraries implements re-seeding of the RNG at regular intervals.

Last modified 5 years ago Last modified on 11/02/17 19:59:56