Nathaniel,

It's a good question and it hasn't been asked before.

The --tls-auth file is a "passphrase" file, meaning that it should be a text or binary file with sufficient entropy to seed a strong cryptographic hash. It's been suggested by various papers I've seen on the topic that a reasonable and conservative rule of thumb for measuring the entropy of English text is one bit per character of text.

To properly seed the key which is used by --tls-auth, you need 160 bits of entropy (if you are using the SHA1 cryptographic hash, which OpenVPN uses by default). So the simple answer is that if your passphrase file is English prose, it should be at least 160 characters long (I presume not counting spaces). So if your passphrase file is 1 Kbyte, that should certainly be sufficient.

In technical terms, --tls-auth is implemented by taking the SHA1 (by default) cryptographic hash of the contents of the passphrase file and then using the hash as an HMAC key to sign and authenticate packets. HMAC is used not as a cipher, but rather as a mechanism for signing a packet with a key at one end of the connection, and then verifying the signature at the other end using the same key. Without the key (which is derived by hashing the passphrase file), it is infeasible to generate a packet with the correct signature. A great deal of OpenVPN's protection against active (or so-called "man-in-the-middle") attacks rests on the usage of HMAC + a cryptographic hash such as SHA1 to sign and verify packets.

HMAC is discussed at length here: http://www.cs.ucsd.edu/users/mihir/papers/hmac.html

James

Nathaniel Harward <nharward@xxxxxxxxx> said:

> I am setting up OpenVPN for the first time and want to use the TLS
> authentication over the static key method. From what I've read, using the
> "tls-auth" option seems to be a pretty good idea when doing this. However, I'm
> unable to find any mention of what the tls-auth file should actually contain
> and how large it should be: is this a particular key? Random data? A text file
> with a password...? In the docs it's referred to as a "shared secret"; when I
> hear "shared secret" in a file context I think of random data that only the
> participants know about, but in and of itself has no real meaning.
>
> I unfortunately can't remember where I read about how this works (the contents
> of the tls-auth file are sent verbatim across the wire without header or
> checksum info followed immediately by the real TLS authentication?), but if I
> understand it correctly it sounds like this file should be some random data and
> probably need not be more than 1k or so, if even that (depending on how
> paranoid you feel, of course).
>
> Can anybody advise on this? If this was already posted somewhere else I
> apologize; I did several searches through this list and on Google and was
> unable to find an answer to this question. Any help is appreciated.
>
> Thank you,
> Nat Harward
> nharward at yahoo dot com
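The mechanism James describes above (SHA1 of the passphrase file as the HMAC key, HMAC-SHA1 to sign a packet at one end and verify it at the other) together with the one-bit-per-character entropy rule of thumb, as an added Python illustration that is not OpenVPN's own code and not from this thread. The tag-then-payload packet layout, the sample passphrase and the function names are assumptions made for the example.

```python
import hashlib
import hmac

# Rule of thumb from the reply: about one bit of entropy per character of
# English prose, and a SHA1-sized HMAC key wants 160 bits of entropy.
ENTROPY_BITS_PER_CHAR = 1
REQUIRED_KEY_BITS = hashlib.sha1().digest_size * 8  # 160

# Constructed sample passphrase file (prose, not a real key): 180 non-space chars
SAMPLE_PASSPHRASE = b"The quick brown fox jumps over the lazy dog. " * 5


def passphrase_long_enough(passphrase: bytes) -> bool:
    """Estimate entropy of an English-prose passphrase file, not counting spaces."""
    chars = len(passphrase.replace(b" ", b""))
    return chars * ENTROPY_BITS_PER_CHAR >= REQUIRED_KEY_BITS


def derive_hmac_key(passphrase: bytes) -> bytes:
    """Both ends hash the shared passphrase file; the SHA1 digest is the HMAC key."""
    return hashlib.sha1(passphrase).digest()


def sign_packet(key: bytes, payload: bytes) -> bytes:
    """Sender side: prepend an HMAC-SHA1 tag to the payload (layout is assumed)."""
    tag = hmac.new(key, payload, hashlib.sha1).digest()
    return tag + payload


def verify_packet(key: bytes, packet: bytes):
    """Receiver side: recompute the tag; return the payload, or None if it fails."""
    tag_len = hashlib.sha1().digest_size
    if len(packet) < tag_len:
        return None  # too short to even carry a tag: drop it
    tag, payload = packet[:tag_len], packet[tag_len:]
    expected = hmac.new(key, payload, hashlib.sha1).digest()
    # constant-time comparison so a forger learns nothing from timing
    if not hmac.compare_digest(tag, expected):
        return None
    return payload


if __name__ == "__main__":
    assert passphrase_long_enough(SAMPLE_PASSPHRASE)
    key = derive_hmac_key(SAMPLE_PASSPHRASE)
    packet = sign_packet(key, b"control channel payload")
    print("accepted:", verify_packet(key, packet))
    print("wrong key:", verify_packet(derive_hmac_key(b"some other file"), packet))
```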