BolehVPN Security Decisions and Configuration Update Plan

Germany going offline
October 30, 2014
Important: Configuration Updates
November 10, 2014
Show all

BolehVPN Security Decisions and Configuration Update Plan

After extensive discussions as per our post here and waiting for everyone to give feedback, we have decided to change our security settings again to balance performance and security.

From our tests and feedback, the biggest performance hit comes from the implemention of SHA-512 for HMAC. However SHA-1 has been demonstrated to be insecure for quite a while now and although the vulnerability does not affect SHA-1’s implemention in HMAC we feel that it is in good security practice to upgrade this. To offset this performance hit, we are reducing AES-256 to AES-128 on select configurations and we still maintain our opinion that AES-128 is just as secure as AES-256 for the next few years (and in certain scenarios can be stronger due to its stronger key schedule).

In any case, all modern CPUs should be able to handle this with no hiccups.

Configuration Changes

FullyRouted

This will be the most used configuration for a wide variety of purposes so this needs to be in the middle ground.

Data Channel: AES 128 bit (from AES 256 bit)
HMAC: SHA-512

SurfingStreaming

This configuration will have a lower security profile as most use it for geo-location purposes and therefore will be optimized for speed while retaining a good overall security.

Data Channel: AES 128 bit (from AES256 bit)
HMAC: SHA-1 (160 bit)

Cloak

This will be our highest security profile but will be the slowest among all of them. On top of these, there is also a further layer of scrambling.

Data Channel: AES 256 bit
HMAC: SHA-512

DD-WRT and Integrated Devices

This is still under discussion with our management and we will evaluate to see if the revised configurations will hold for routers with their weaker processing power. Unfortunately we won’t be able to support older under powered routers and we will release guidelines soon as to the supported builds of DD-WRT.

If required, we would implement a handful of servers just for integrated devices/DD-WRT with reduced security settings.

When is this change happening?

This change will happen sometime this week but we will get a 48 hour notice before we initiate the configuration change. We are still concluding testing on certain naming conventions that are unique to DD-WRT due to the OpenSSL version they use. Once the configuration change is finalized, we will post an announcement and effect the changes in several phases over a 24 hour period. All you would have to do is to redownload your configurations or update it via our client.

0 Comments

  1. krasnal says:

    Hmmm, good and (IMO) less good. I think it was a sound technical decision to revert to AES-128 for most users. That makes the decision to use SHA-2-512 for HMAC on FullyRouted all the more puzzling.

    Perhaps Reuben could explain why he didn’t go for the (IMO more sensible) compromise of SHA-2-256 for HMAC. It has much less impact on routers AND 32-bit systems, while still providing a higher level of security than we realistically need. You’d have checked the “No SHA-1” box and the performance overhead would have been minimised for everyone.

    There is still the issue of the VERY weak key-exchange bit-length (1024-bit RSA) and the potential fallback use of SSLv3 that I believe need to be urgently addressed. Could Reuben comment on my concerns regarding these two matters?

  2. Indingo says:

    Thank you BolehVPN team for being considerate to everyone’s needs. You could always add configurations for DD-WRT (UDP) on the servers your already have with (AES-128 & SHA-1). It does not really matter as much for crowding because its inbound traffic and any outbound from the server to what ever the user connects to will all be under the same normal protocol. You could technically run DD-WRT at a lower security and normal Fully-Routed on the same servers with higher security just by adding DD-WRT configs. I thank you for thinking so hard on it for your users though, its very appreciated.

  3. Dano says:

    I currently use a fully routed server config on my Tomato router (Asus RT-N16) to route my entire lan. I haven’t noticed much of a slowdown (if any) since the implementation of the new configurations. Personally, I’d rather be more secure at the cost of a bit of convenience but that’s just me 😉

    Also, If I wanted to keep the more secure option on my router, can I use a Fully Routed “Cloak” option?

    What are your suggestions?

  4. krasnal says:

    @Dano

    Hi, just like you I’m also using an RT-N16 and all my LAN traffic goes through the VPN. My tests show a 30% (-ish) loss of data throughput. Since we both use the same hardware, I’d expect you to be equally affected.

    Regarding being “more secure”, I’m on record as being unconvinced that the proposed changes will make a practical difference to our security. My favored analogy is this: If I build a bridge that is 10 times stronger than it needs to be, does that make it “safer”? IMO, not in any practical sense if the original bridge specification was already strong enough. All that will happen is that the bridge will cost much more than it should have done.

    As far as I know, xCloak is only for Windows, so not possible on the router.

  5. Dano says:

    @krasnal

    Thanks for the explanation! It seems like things are going the right direction 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *