[Ach] VPN related thoughts

Niklaus Schiess nschiess at adversec.com
Mon Nov 25 21:13:16 CET 2013



On 25.11.2013 18:31, christian mock wrote:
> On Mon, Nov 25, 2013 at 03:34:56PM +0100, Niklaus Schiess wrote:
> 
>> * A few days ago a PPTP section was committed
>> (cc024c061975fe968501401b4782e314fe75fb33). I agree, PPTP is really bad
>> and should not be deployed anymore due to the lack of integrity and weak
>> encryption by MPPE (which uses RC4). But the really "broken" part of
>> PPTP is the MSCHAP-v2 challenge-response authentication. But besides
>> that, PPTP can also authenticate clients/servers by e.g. EAP-TLS (based
>> on X509 certificates). Is there a reason why alternative authentication
>> methods like EAP-TLS aren't/won't be covered in this paper?
> 
> First reason that comes to my mind: we'd then need to write sections
> on configuring that (securely) for a variety of installations, i.e.
> windows versions, phion firewall, whatnot.
> 
>> * As some kind of successor of PPTP, SSTP
>> (http://msdn.microsoft.com/en-us/library/cc247338.aspx) should be added
>> to the VPN section. It's basically just an interlayer to carry PPP
>> frames within SSL sessions (which, by the way, also uses MSCHAP-v2 by
>> default).
> 
> Given the inability to design VPN protocols that MS has shown in the
> past, why should we trust they got it right this time? With MS-Chap,
> even? 

So then why is there a PPTP section anyway?

> 
>> * The cipher listing in the OpenVPN section of "available and
>> recommended" ciphers doesn't include Blowfish (BF-CBC). Why?
> 
> I think the direct reason was that even Schneier doesn't recommend
> using blowfish anymore. Plus we want to keep the ciphersuites in sync
> with the other software. Plus that section still is in flux.
> 
> cm.
> 

Regards,
Niklaus Schiess

-- 
PGP FP: CB84 8C68 ADDB 6C50 7DF1 4227 F2A6 056A A799 76DA
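The Blowfish question in the thread above (why BF-CBC is missing from the OpenVPN list) has a practical side that the reply does not spell out: OpenVPN 2.3, current when this was written, silently falls back to BF-CBC for the data channel and to HMAC-SHA1 for packet authentication when a config carries no `cipher` or `auth` line, so a config that simply omits the directive is still running Blowfish. The following is an added example for this thread, not code from the Applied Crypto Hardening paper or from either poster; it lints an OpenVPN config for those two directives and shows a weak client config next to a corrected one. The allowed and flagged cipher lists, the helper names `parse_config`, `_setting` and `lint`, and the two sample configs are this example's own assumptions.

```python
"""Lint an OpenVPN 2.3-era config for the data-channel cipher and HMAC.

Added example for the list thread above; not code from the Applied Crypto
Hardening paper or from either poster. The allowed/flagged lists and the
sample configs are this example's own assumptions.
"""
import re

# OpenVPN 2.3 defaults when the directive is absent from the config.
DEFAULT_CIPHER = "BF-CBC"
DEFAULT_AUTH = "SHA1"

# Assumed policy: 64-bit block ciphers (Blowfish, DES, 3DES, CAST5, RC2,
# IDEA), RC4 and "none" fail; AES in CBC or GCM mode passes.
WEAK_CIPHER_RE = re.compile(
    r"^(BF|DES|DES-EDE3|DESX|CAST5|RC2|RC4|IDEA|NONE)(-|$)", re.I)
OK_CIPHER_RE = re.compile(r"^AES-(128|192|256)-(CBC|GCM)$", re.I)
WEAK_AUTH = {"NONE", "MD4", "MD5", "SHA", "SHA1"}
OK_AUTH = {"SHA256", "SHA384", "SHA512"}


def parse_config(text):
    """Map each directive to its argument list; the last occurrence wins.
    Lines beginning with '#' or ';' are comments in OpenVPN syntax."""
    directives = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        parts = line.split()
        directives[parts[0].lower()] = parts[1:]
    return directives


def _setting(directives, key, default):
    """Return (value, explicitly_set) for a single-argument directive."""
    args = directives.get(key)
    if args:
        return args[0].upper(), True
    return default, False


def lint(text):
    """Return a list of findings for the config text; empty means it passes."""
    d = parse_config(text)
    findings = []

    cipher, explicit = _setting(d, "cipher", DEFAULT_CIPHER)
    if not explicit:
        findings.append(
            f"cipher: not set, OpenVPN 2.3 falls back to {DEFAULT_CIPHER}")
    elif WEAK_CIPHER_RE.match(cipher):
        findings.append(
            f"cipher: {cipher} is a 64-bit-block or legacy cipher, use AES-256-CBC")
    elif not OK_CIPHER_RE.match(cipher):
        findings.append(f"cipher: {cipher} is not on the allowed list")

    auth, explicit = _setting(d, "auth", DEFAULT_AUTH)
    if not explicit:
        findings.append(
            f"auth: not set, OpenVPN 2.3 falls back to HMAC-{DEFAULT_AUTH}")
    elif auth in WEAK_AUTH:
        findings.append(f"auth: {auth} is too weak for the packet HMAC, use SHA256")
    elif auth not in OK_AUTH:
        findings.append(f"auth: {auth} is not on the allowed list")

    return findings


# Constructed sample: a 2013-style client config that pins Blowfish and
# leaves the packet HMAC at its default.
WEAK_CONFIG = """\
client
dev tun
proto udp
remote vpn.example.org 1194
ca ca.crt
cert client.crt
key client.key
cipher BF-CBC
"""

# Constructed sample: the same config with both directives set explicitly.
HARDENED_CONFIG = """\
client
dev tun
proto udp
remote vpn.example.org 1194
ca ca.crt
cert client.crt
key client.key
cipher AES-256-CBC
auth SHA256
"""


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, lint(cfg) or ["ok"])
```

The check treats a missing directive as a finding rather than as "nothing configured", because the fallback is exactly how Blowfish ends up in deployments whose operators never chose it; the same reasoning applies to the server side, where `cipher` and `auth` must match the client anyway.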


