On Encryption (opens in new tab)

(privateinternetaccess.com)

40 pointsmtoledo12y ago16 comments

16 comments

I would not make the assumption that 1024 bit conventional Diffie Hellman is safe.

You're probably right. We've already changed to 2048 DH everywhere. Do you have any opinion on if that is a strong enough default?

hyperplane12y ago

Does OpenVPN support ECDH parameters yet? openssl supports ecparam[1], and polarssl is now supporting it in their development branch[2].

[1] http://www.openssl.org/docs/apps/ecparam.html

[2] https://github.com/polarssl/polarssl/commit/577e006c2fe4a361...

1 more reply

stock_toaster12y ago

  > We will also be adding support for something no other provider is currently offering called Elliptic Curve Cryptographic security, with both 256bit and 521bit curves.

Any particular reason to not offer 384bit as well?

ps. likely a typo: 521 should be 512?

edit: Nope. 521 is correct[1]. thanks @mtoledo

[1]: https://en.wikipedia.org/wiki/Elliptic_curve_cryptography#ci...

mtoledoOP12y ago

"The sequence may seem suggestive of a typographic error. Nevertheless, the last value is 521 and not 512 bits."

https://en.wikipedia.org/wiki/Elliptic_curve_cryptography#ci...

stock_toaster12y ago

oh interesting. ha. thanks for that!

SilliMon12y ago

If I were the NSA, I would run these VPN services.

They provide a perfect honeypot to gather the "illegal" web users or those with something to hide, in one place.

contingencies12y ago

Many VOIP providers are exactly that.

junto12y ago

If I was the NSA I'd force/put some piece of network hardware that mirrored all VPN traffic exiting PIA's endpoints. I would assume that the US, UK and DE endpoints might be monitored without PIA's knowledge (unless they own the data centre and/or upstream provider?).

Then it is fairly simple to start pattern matching the unencrypted traffic exiting your endpoints by matching HTTP headers for each client. Then all they would need is for a VPN user to acces a website that leaks the user's identity and you can back match their previous traffic.

For example, you search for information on "how to make a bomb" via the VPN. Your browser sends the the HTTP headers, Accept-Language set to Accept-Language: ar-YE,en-US,fr-FR,de-DE;q=0.5 and a user agent of Mozilla/5.0 (Windows NT 6.2; Win64; x64; rv:21.0.0) Gecko/20121011 Firefox/21.0.0. Those HTTP headers aren't unique, but they vastly narrow the search scope.

Now as that user you visit your Facebook page, and those same matching HTTP headers are passed. Boom, you've just leaked your true identity.

vezzy-fnord12y ago

This is somewhat of a red herring. It's more feasible for the NSA to attack from a side channel, and with their influence that's what they've been doing. No doubt they may have optimized some attacks on already previously weakened ciphers (such as RC4), but there's so many other links to strike.

nly12y ago

I'd be interested to hear what VPN providers are doing in terms of physical security and the risk of key theft/infiltration.

j / k navigate · click thread line to collapse

16 comments

tptacek12y ago

I would not make the assumption that 1024 bit conventional Diffie Hellman is safe.

coderrr12y ago

You're probably right. We've already changed to 2048 DH everywhere. Do you have any opinion on if that is a strong enough default?

hyperplane12y ago

Does OpenVPN support ECDH parameters yet? openssl supports ecparam[1], and polarssl is now supporting it in their development branch[2].

[1] http://www.openssl.org/docs/apps/ecparam.html

[2] https://github.com/polarssl/polarssl/commit/577e006c2fe4a361...

1 more reply

stock_toaster12y ago

  > We will also be adding support for something no other provider is currently offering called Elliptic Curve Cryptographic security, with both 256bit and 521bit curves.

Any particular reason to not offer 384bit as well?

ps. likely a typo: 521 should be 512?

edit: Nope. 521 is correct[1]. thanks @mtoledo

[1]: https://en.wikipedia.org/wiki/Elliptic_curve_cryptography#ci...

mtoledoOP12y ago

"The sequence may seem suggestive of a typographic error. Nevertheless, the last value is 521 and not 512 bits."

https://en.wikipedia.org/wiki/Elliptic_curve_cryptography#ci...

stock_toaster12y ago

oh interesting. ha. thanks for that!

SilliMon12y ago

If I were the NSA, I would run these VPN services.

They provide a perfect honeypot to gather the "illegal" web users or those with something to hide, in one place.

contingencies12y ago

Many VOIP providers are exactly that.

junto12y ago

Now as that user you visit your Facebook page, and those same matching HTTP headers are passed. Boom, you've just leaked your true identity.

vezzy-fnord12y ago

nly12y ago

I'd be interested to hear what VPN providers are doing in terms of physical security and the risk of key theft/infiltration.

j / k navigate · click thread line to collapse