https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162016-05-08T07:32:52ZpfSense bugtrackerpfSense - Todo #6332: Upgrade encryption options to cover current range of recommendationshttps://redmine.pfsense.org/issues/6332?journal_id=270302016-05-08T07:32:52ZStilez y
<ul></ul>Also noting
<ul>
<li>captiveportal.inc uses MD5 to generate randomness for the session id (and probably shouldn't?)</li>
<li>auth.inc appears to upgrade password storage from md5-hash to bcrypt-hash when a login succeeds but no hint is given otherwise that some users have old passwords still stored (indefinitely) as MD5 hashes which may present an unrealised vulnerability in the system as nothing is done to these if the user doesn't log on.</li>
</ul> pfSense - Todo #6332: Upgrade encryption options to cover current range of recommendationshttps://redmine.pfsense.org/issues/6332?journal_id=292692016-11-05T10:09:57ZSean McBride
<ul></ul><p>I was about to file a similar bug, but found this one searching the bugbase for "md5".</p>
<p>I'm new to pfsense and just reading through the book and setting up IPsec VPN. I was rather shocked to see "md5" as an option in various places, since it's been known to be weak since 2004ish.</p>
<p>This bug entry is pretty ambitious IMHO, perhaps a good starting point would be simply purge "md5" and other crud as options in the UI and increase some of the default encryption settings?</p> pfSense - Todo #6332: Upgrade encryption options to cover current range of recommendationshttps://redmine.pfsense.org/issues/6332?journal_id=292702016-11-05T11:04:48ZJim Pingle
<ul></ul><p>We can't outright purge md5 and other weak options because people are frequently forced to use them for third party vendor interoperability. It would be nice to allow the admin to selectively disable some, but given how they are represented differently based on whichever underlying software is used (openvpn, strongswan, mpd, etc) then it's tougher to do than it seems on the surface.</p>
<p>We do try to offer strong and sensible defaults, but those change over time so there is always room for debate as there could be some area that was overlooked or recently gained a stronger option that's more desirable.</p> pfSense - Todo #6332: Upgrade encryption options to cover current range of recommendationshttps://redmine.pfsense.org/issues/6332?journal_id=292712016-11-05T12:04:42ZSean McBride
<ul></ul><p>Jim Pingle wrote:</p>
<blockquote>
<p>We can't outright purge md5 and other weak options because people are frequently forced to use them for third party vendor interoperability.</p>
</blockquote>
<p>Still? :( Speaks volumes on the state of internet security I suppose. :(</p>
<p>How about at least putting warnings in the text under the various popups? I could probably grep the strings and submit a patch...</p>
<blockquote>
<p>We do try to offer strong and sensible defaults, but those change over time so there is always room for debate as there could be some area that was overlooked or recently gained a stronger option that's more desirable.</p>
</blockquote>
<p>Well, from what I've touched upon so far setting up IPsec:<br /> - phase 1 hash algo defaults to only SHA1<br /> - phase 1 DH group defaults to only 1024 bit</p> pfSense - Todo #6332: Upgrade encryption options to cover current range of recommendationshttps://redmine.pfsense.org/issues/6332?journal_id=292742016-11-05T14:03:55ZJim Thompsonjim@netgate.com
<ul><li><strong>Assignee</strong> set to <i>Anonymous</i></li></ul><p>In general I agree that we could do a better job here. Beaver can look into that.</p>
<p>Things like md5 have to stay until they are deprecated via RFC or similar. You wouldn't believe the fight that some here (now gone) put up when I removed (single) DES from IPsec.</p> pfSense - Todo #6332: Upgrade encryption options to cover current range of recommendationshttps://redmine.pfsense.org/issues/6332?journal_id=295142016-11-19T14:34:04ZSean McBride
<ul></ul><p>I believe such an RFC exists already:</p>
<p><a class="external" href="https://tools.ietf.org/html/rfc6151">https://tools.ietf.org/html/rfc6151</a></p>
<p>Section 2: "MD5 is no longer acceptable where collision resistance is required such as digital signatures."</p> pfSense - Todo #6332: Upgrade encryption options to cover current range of recommendationshttps://redmine.pfsense.org/issues/6332?journal_id=412852019-08-13T14:34:45ZJim Pingle
<ul><li><strong>Category</strong> set to <i>Web Interface</i></li></ul>