
Re: [Openvpn-users] Username/Password authentication strength

  • Subject: Re: [Openvpn-users] Username/Password authentication strength
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Tue, 28 Dec 2004 22:29:42 -0700 (MST)

On Wed, 29 Dec 2004, Mathias Sundman wrote:

> On Tue, 28 Dec 2004, Leonard Isham wrote:
> >> With normal cryptography where you have access to both the ciphertext and
> >> plaintext you can easily do an off-line brute-force attack, but as I have
> >> understood it, with a properly designed password authentication protocol,
> >> it is not possible to sniff the traffic and do an off-line brute-force
> >> attack on this data, is this correct?
> I've been reading up on this matter, and found this internet draft 
> describing different authentication mechanisms pretty interesting. Maybe 
> someone else is interested...
> http://bgp.potaroo.net/ietf/idref/draft-iab-auth-mech/

That's a good survey.  Eric Rescorla is a pretty smart guy -- he's also 
the developer of the new Datagram TLS protocol which OpenVPN might 
eventually migrate to.

Incidentally, in the context of the survey, OpenVPN's authentication 
approach is to use TLS as a channel over which to exchange a second tier 
of authentication info such as username/password and random key bits for 
derivation of symmetric keys.

Offline password attacks should be equal in difficulty to attacking TLS 
itself, and online attacks are constrained by the speed of the TLS 

In the case of username/password auth without client side certificates,
see 7.2. Case Study: TLS Anonymous DH + Passwords.  The section notes the
MITM attack potential if the server doesn't have a certificate.  OpenVPN
clients always require that the server present a certificate, even with
username/password-only auth.


Openvpn-users mailing list
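As an added illustration of the approach James describes above (this is example configuration written for this page, not text from the original message or the OpenVPN project), here is a client/server pair for username/password authentication without client certificates. The directive names are those of OpenVPN 2.4 and later rather than the 2.0-era release current when the message was written (`verify-client-cert none` replaces the older `client-cert-not-required`, and `remote-cert-tls server` replaces `ns-cert-type server`); the hostname, certificate and key file names, and the authentication script path are placeholders. The `remote-cert-tls` check goes one step beyond the message: it guards against a peer that holds a valid *client* certificate from the same CA presenting it as a server certificate.

```conf
##### client.conf (added example; hostname and file names are placeholders) #####
client
dev tun
proto udp
remote vpn.example.com 1194

# Trust anchor for the server's certificate.  OpenVPN refuses to start a TLS
# client without --ca (or --capath/--pkcs12), so the server must present a
# certificate chaining to this CA before the client sends any credentials.
ca ca.crt

# No client cert/key: the second tier of authentication is the username and
# password, sent only inside the TLS control channel established above.
auth-user-pass

# Require the server certificate to carry the TLS server role, so a MITM
# holding an ordinary client certificate from the same CA is rejected.
remote-cert-tls server

# Optional: HMAC-authenticate control-channel packets with a pre-shared key,
# so peers without it cannot even begin a TLS handshake (bounds the rate of
# online attempts and blunts handshake flooding).
tls-auth ta.key 1

##### server.conf (added example; file names and script path are placeholders) #####
port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
tls-auth ta.key 0

# Do not demand a client certificate; the client is authenticated only by the
# username/password it sends after the TLS handshake completes.
# (OpenVPN 2.0-2.3: client-cert-not-required)
verify-client-cert none

# Hand the credentials to an external checker through its environment
# (username/password variables).  via-env requires script-security 3.
auth-user-pass-verify /etc/openvpn/check-pass.sh via-env
script-security 3

# With no client certificate there is no CN; use the supplied username as
# the client's identity for logging, ccd lookup and duplicate detection.
username-as-common-name
```

A sniffer on the wire sees only TLS records, so recovering the password offline means breaking the TLS session, as the message states; what the server-side script does on each failed attempt (delays, lockout, logging) is what bounds the online guessing rate, and that part is outside OpenVPN itself.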