Project

General

Profile

Actions

Feature #9531

closed

[IPSEC] Add additional curve-based DH Groups (31+)

Added by Jens Groh over 5 years ago. Updated about 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
IPsec
Target version:
Start date:
05/17/2019
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

DH Group 31/32 (incl. curve25519) variants are available in Strongswan and it would be nice to have them as additions to the DH Group dropdown.

Actions #1

Updated by Jim Pingle over 5 years ago

  • Status changed from New to In Progress
  • Assignee set to Jim Pingle
  • Target version set to 2.5.0
Actions #2

Updated by Jim Pingle over 5 years ago

Group 31 (curve25519) works. Group 32 (curve448) does not. Appears to be a strongSwan issue, I raised a bug report upstream: https://wiki.strongswan.org/issues/3064

Commit coming shortly which enables the curve25519 plugin and group 31.

Actions #3

Updated by Jim Pingle over 5 years ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100
Actions #4

Updated by Jim Pingle over 5 years ago

  • Status changed from Feedback to In Progress

That was quick. Fix is in upstream: https://wiki.strongswan.org/projects/strongswan/repository/revisions/97708f7ff7571a159ca9a3d03804ffc506469449/diff

Will test with that after 2.4.4-p3 ships and we have 2.5.0 snapshots going again.

Actions #5

Updated by Jim Pingle over 5 years ago

  • Status changed from In Progress to Feedback

Looks good on the current snapshot with group 31 and 32

Actions #6

Updated by Jens Groh over 5 years ago

Just curious: would the changeset be appliable to 2.4.4-p3 when released?

I have a current customer that would like to upgrade his IPSEC tunnel to curve 25519 so an appliable patch via System Patches would be fine as an interim solution ;)

Actions #7

Updated by Jim Pingle over 5 years ago

Jens Groh wrote:

Just curious: would the changeset be appliable to 2.4.4-p3 when released?

The first patch to add group 31 might, but the 32 would not since it requires a patch to strongSwan. I only tested on 2.5.0.

Actions #8

Updated by Jens Groh over 5 years ago

Jim Pingle wrote:

The first patch to add group 31 might, but the 32 would not since it requires a patch to strongSwan. I only tested on 2.5.0.

Not trying to add complexity to this. But a patch for DH31 capability I'd take for sure ;)

As german BSI recommends using elliptic curve ciphers like 25519-based, brainpool or secpxxxRy that would help against people using bad/old/unsafe cipher suites and settings (had to shout one down recently that tried to sneak a 3DES one in).

But really appreciate the fast response on that on in general! Thanks a lot!

Actions #9

Updated by Jim Pingle over 5 years ago

The first patch above, 4fc267484e604509b072b398642f19cb6797ef21, applies cleanly to 2.4.4-p2 and 2.4.4-p3 and adds only group 31. I didn't test it, but the libstrongswan curve25519 plugin is there, so it should work.

Actions #10

Updated by Jens Groh over 5 years ago

Alright will test within our lab setup and try it with the customer if that works. Will report back!

Actions #11

Updated by Jens Groh over 5 years ago

Just as feedback: we had the first two tunnels set up with EC25519 / DH31 as Phase1 (and in one case Phase2, too) and as of yet all is well an normal as expected. :)

Actions #12

Updated by Jim Pingle over 5 years ago

  • Status changed from Feedback to Resolved
Actions #13

Updated by Jim Pingle about 5 years ago

  • Status changed from Resolved to Feedback
  • Target version changed from 2.5.0 to 2.4.5

I picked back the Group 31 change only to 2.4.5 to test since it was reported to function. If it works, re-target this back to 2.5.0 and close it again since it's already been tested there.

Actions #14

Updated by Jens Groh about 5 years ago

Jim Pingle wrote:

I picked back the Group 31 change only to 2.4.5 to test since it was reported to function. If it works, re-target this back to 2.5.0 and close it again since it's already been tested there.

Don't know if that helps but as stated above, I'm running the DH31 changeset added through patches system in 2.4.4-p3 without a hitch with 3 IPSEC peers smoothly for months now and don't expect any issues.

Actions #15

Updated by Jim Pingle about 5 years ago

  • Status changed from Feedback to Resolved
  • Target version changed from 2.4.5 to 2.5.0

Group 31 can be selected and works when chosen on 2.4.5.

2.4.5.a.20191217.0637

Actions

Also available in: Atom PDF