[strongSwan] Fwd: Re: Forward Secrecy

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Thu Dec 21 23:54:38 CET 2017 

I understood your email in conjunction with your previous one.

The structure of the ike and esp settings is described on the man page for ipsec.conf and on the wiki in the articles about ipsec.conf[1].

Quotes from the wiki page:
```
esp = <cipher suites>

comma-separated list of ESP encryption/authentication algorithms to be used for the connection, e.g.
aes128-sha256. The notation is encryption-integrity[-dhgroup][-esnmode].
```

```
ike = <cipher suites>

comma-separated list of IKE/ISAKMP SA encryption/authentication algorithms to be used, e.g.
aes128-sha256-modp3072. The notation is encryption-integrity[-prf]-dhgroup. In IKEv2, multiple algorithms
and proposals may be included, such as aes128-aes256-sha1-modp3072-modp2048,3des-sha1-md5-modp1024.
```

The man page says the exact same.

What do you mean with "gen my own group"? Are talking about your own private key? That is the only thing you generate by yourself. Every DH group is standardized to be interoperable between vendors.

[1] https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection


-------- Forwarded Message --------
Subject: 	Re: [strongSwan] Forward Secrecy
Date: 	Thu, 21 Dec 2017 17:40:47 -0500
From: 	Colony.three <colony.three at protonmail.ch>
Reply-To: 	Colony.three <colony.three at protonmail.ch>
To: 	Noel Kuntze <noel.kuntze+strongswan-users-ml at thermi.consulting>



That's a condescending response, Noel.  You don't know who I am nor seem to have understood the nature of my questions.  I was very specific.

Sure I have gone through the docs, and of course I saw the cipher speed list <https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites>.  I can decide for myself which algo suits my needs, although most others will likely be lost.

/But one question is/, the *_construct_* of the cipher string /in the actual ike= variable/.  Nothing anywhere, actually describes this.  And again for adding the PFS DH group <http://adding the PFS DH group>.  How are you supposed to actually add it if you choose to gen your own?  It doesn't specifically say anywhere.  Why do I gen my own group?  Please respect that I have my reasons.




> -------- Original Message --------
> Subject: Re: [strongSwan] Forward Secrecy
> Local Time: December 21, 2017 12:45 PM
> UTC Time: December 21, 2017 8:45 PM
> From: noel.kuntze+strongswan-users-ml at thermi.consulting
> To: Colony.three <colony.three at protonmail.ch>, users at lists.strongswan.org <users at lists.strongswan.org>
>
> strongSwan isn't software for the proletariat. As the introduction says, you need a background in networking. Obviously, to read the introduction you have to be able to find and read the documentation. The same is true for finding the list of cipher keywords on the wiki, where you will find the available ciphers, DH and HMAC keywords.
>
> Read the introduction and the tutorial about forwarding. VPNs are not trivial to set up and operate securely and correctly. If you're unsure, just use Algo[1].
>
> The BLISS certificates are broken. Don't use them.
>
> Just use very long RSA keys (4096 bit). That gives you a good security margin, even in post quantum computing.
>
> [1] https://github.com/trailofbits/algo
>
> On 20.12.2017 16:55, Colony.three wrote:
>
>     I am not very happy using RSA as the cipher, since it's been cracked.  And, as any reader of Schnier knows, elliptic curve is out of the question.
>     ikev2 only here.   I would like to use a DHE cipher, or better yet a lattice cipher, but I can not find any evidence of how to set these.  I presume it would be part of the ike= directive, but there are no examples of what strings to use.  (I have no idea what the esp= directive pertains to)  Can anyone advise?
>     I notice that there is a provisional lattice cipher for StrongSwan, very good news (though I'd have to compile SS), but unfortunately it is not supported by the Android app.  Would but that it were...


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171221/250f2943/attachment.sig>

More information about the Users mailing list