Update on Hong Kong
October 24, 2014
Reports on Slowdowns on Encryption Upgrade
October 29, 2014
Show all

Servers overhauled, Italy is back!

Hi guys!

We’ve just updated all our servers to use 256 bit AES encryption, with our HMAC auth changed to SHA512! This is a step up from our previous cypher, which was 128 bit AES. However this overhaul comes at a slight inconvenience, you will need to update your configurations. Thankfully this is pretty easy with the BolehVPN client. Just head to the Settings tab and hit Update Configurations. If you’re a custom user however, you’ll need to update manually.

We also listened to your feedback on the Italy server and brought it back! It’s waiting for you, just hit Update to see that old friend.

Let us know how everything goes! 🙂

0 Comments

  1. Himan says:

    Is there anything happen with “fully routed” config?
    All of them are not working.
    Others is working properly.
    Thanks.

  2. Hmm says:

    Trying to update manually and I see it’s still the old settings.

  3. Dano says:

    I thought 256-bit was more vulnerable to timing attacks… Can you please explain 🙂

    • Reuben says:

      Dear Dano,

      You’re absolutely correct that AES 256 is more vulnerable to timing attacks.

      However according to Schneier:

      There are three reasons not to panic:

      a) The attack exploits the fact that the key schedule for 256-bit version is pretty lousy — something we pointed out in our 2000 paper — but doesn’t extend to AES with a 128-bit key.
      b) It’s a related-key attack, which requires the cryptanalyst to have access to plaintexts encrypted with multiple keys that are related in a specific way.
      c) The attack only breaks 11 rounds of AES-256. Full AES-256 has 14 rounds (this means it only breaks a handicapped version of AES-256)

      This means b) and c) mitigate it.

      There are also new studies that aim at different vulnerabilities in which AES-256 is stronger than AES-128 for those attacks.

      “The first key-recovery attacks on full AES were due to Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger, and were published in 2011.[26] The attack is a biclique attack and is faster than brute force by a factor of about four. It requires 2^126.1 operations to recover an AES-128 key. For AES-192 and AES-256, 2^189.7 and 2^254.4 operations are needed, respectively.”

      http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Known_attacks

  4. thump says:

    “If you’re a custom user however, you’ll need to update manually.”

    How? I just re-downloaded my client config through my account and the config files have not been updated. What are the new appropriate strings for the “cipher” and “tls-cipher”?

  5. lofgents says:

    What needs to be changed in dd-wrt please as I cannot get it working.

    Thanks

  6. perfide says:

    How to use 256-bit encryption with Open VPN ?

  7. seatux says:

    I wished there was an email about this earlier. I’ve just hosed my RPi’s config file thinking it went wrong.

  8. mugcy says:

    I did the update you mentioned but I’m getting an “Unknown error” every time I try to log in.

  9. Hmm says:

    “auth 512” is incorrect. Openssl doesn’t know what you’re talking about. It should be, auth SHA512

  10. Luce says:

    To anyone that needs it, replace:

    cipher AES-128-CBC
    tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA

    With this:

    auth sha512
    cipher AES-256-CBC
    tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA

  11. Indingo says:

    oh….. well that explains why BolehVPN is running slow for me now xD.

    Its not like 256 is better, its just more overhead. I wish we were able to chose which we wished to use. I literally dropped 40% speed-wise.

  12. krasnal says:

    Reuben,

    You have not told us *how to* manually update our files. Didn’t you see Himan’s post?

    And as thump says, the config files have not been changed — and are therefore wrong. Again, no response from you.

    We need clear instructions how to make the changes manually. Until we do, our VPNs are hosed.

    I’m very disappointed with this roll-out. We received no notice, no chance for discussion, you’ve not updated the config files, and we’ve had no clear no instructions. My vpn is on a router and throughput will be hammered performance-wise by the use of AES-256.

    Not at all happy.

    • Reuben says:

      Hi Krasnal,

      Just got to approving your comment which was held under moderation.

      Have spoken to you via your support ticket and you’re absolutely right, we can do better. This rollout was a result of a miscommunication as explained when our tech partner asked our support team to roll it out on a few servers to test which was misread and resulted in a global update and the current shenanigans.

      We’re relooking into whether AES-256 is needed but previously when we implemented 128 we were given lots of crap and were marked negatively by many because of this.

  13. Buddha81 says:

    Ever since the profile upgrade I went from 1M download to 90K

    Can you please explain the drop?

  14. Indingo says:

    Its alright now Reuben, I had to change my configuration files around and adjust my router. I always have a faster connection of 128bit encryption due to my WiFi signal and range, Its never going to be as fast as it was but a now 10% loss of speeds is not to much of an issue, I can honestly say in any real terms 128bit AES is as safe as 256bit AES. Its not the key size that will be broken but the algorithm itself, the key size is much safer then the math or integrity of the actual cipher. In any real terms, 128bit and 256bit are the same as the size of the key wont matter in the breaking of AES, AES cipher itself will be the breaking point. Won’t really matter anyway much as BolehVPN employs Perfect Forward Secrecy, or at least I think it does, which makes the issue kinda moot as the breaking of AES will more then likely be public very quickly and you almost definitely would fall back within 24 hours to blowfish 🙂

    I support what ever you choose to do though, I do however suggest having an update email and an update post at least 48 hours before major cryptographic changes.

    Thanks 🙂

    Indingo.

  15. Dano says:

    Thanks for the reply Reuben. It does make sense.

  16. Adam says:

    How do you update the configuration on iPad please?

Leave a Reply

Your email address will not be published. Required fields are marked *