| 1 | = Security announcement: The Logjam attack and OpenVPN = |
| 2 | |
| 3 | On 20 May 2015, attacks dubbed 'Logjam' on Diffie-Hellman and TLS were published: |
| 4 | https://weakdh.org/ |
| 5 | |
| 6 | The attacks only affects OpenVPN is very limited ways, because: |
| 7 | 1. OpenVPN encourages users to generate their own DH-group using 'openssl dhparam', instead of using common groups. The man page / examples used to provide 1024 bits DH keys (updated to 2048 recently), and although 1024 bits dh params //can// be broken, that is still //very// expensive. Probably too expensive for your data if you don't share the group with others. |
| 8 | 2. OpenVPN does not support EXPORT DH parameters and thus the TLS rollback attack does not apply to OpenVPN. |
| 9 | |
| 10 | Users are advised to use DH params of at least 2048 bits. Updating DH parameters is easy and only needs a change on the server. Generate new params using e.g. |
| 11 | |
| 12 | `$ openssl dhparam -out dh3072.pem 3072` |
| 13 | |
| 14 | then update your server config to use these new parameters |
| 15 | |
| 16 | `dh dh3072.pem` |
| 17 | |
| 18 | and restart the server. |
| 19 | |
| 20 | For more information on the attack itself, please refer to the Logjam paper: |
| 21 | https://weakdh.org/imperfect-forward-secrecy.pdf |