| | 1 | = Security announcement: The Logjam attack and OpenVPN = |
| | 2 | |
| | 3 | On 20 May 2015, attacks dubbed 'Logjam' on Diffie-Hellman and TLS were published: |
| | 4 | https://weakdh.org/ |
| | 5 | |
| | 6 | The attacks only affects OpenVPN is very limited ways, because: |
| | 7 | 1. OpenVPN encourages users to generate their own DH-group using 'openssl dhparam', instead of using common groups. The man page / examples used to provide 1024 bits DH keys (updated to 2048 recently), and although 1024 bits dh params //can// be broken, that is still //very// expensive. Probably too expensive for your data if you don't share the group with others. |
| | 8 | 2. OpenVPN does not support EXPORT DH parameters and thus the TLS rollback attack does not apply to OpenVPN. |
| | 9 | |
| | 10 | Users are advised to use DH params of at least 2048 bits. Updating DH parameters is easy and only needs a change on the server. Generate new params using e.g. |
| | 11 | |
| | 12 | `$ openssl dhparam -out dh3072.pem 3072` |
| | 13 | |
| | 14 | then update your server config to use these new parameters |
| | 15 | |
| | 16 | `dh dh3072.pem` |
| | 17 | |
| | 18 | and restart the server. |
| | 19 | |
| | 20 | For more information on the attack itself, please refer to the Logjam paper: |
| | 21 | https://weakdh.org/imperfect-forward-secrecy.pdf |
