Why is the default DH keysize only 512 bits?
Alan DeKok
aland at deployingradius.com
Fri Sep 29 07:44:23 CEST 2006
Jason Wittlin-Cohen <jasonwc at brandeis.edu> wrote:
> I noticed that the default DH keysize in FreeRadius 1.1.3 is 512 bits.
If you're talking about the key length in the EAP-TLS module, it
looks like those aren't being used for anything. See the source.
It does look like the EAP-TLS code is setting a 512-bit ephemeral
RSA key, but my reading of the OpenSSL docs indicates it won't be
used, because SSL_OP_EPHEMERAL_RSA isn't being set. So that code
could be deleted entirely.
> I originally thought that the DH
> keysize would be determined by the DH parameter file and only realized
> that it was still using 512 bit keys when I ran freeradius in debug
> mode.
Which prints out configuration entries that aren't being used.
$ cd src/modules/rlm_eap
$ grep -r key_length .
./libeap/mppe_keys.c: PRF(s->session->master_key, s->session->master_key_length,
./libeap/mppe_keys.c: PRF(s->session->master_key, s->session->master_key_length,
./types/rlm_eap_tls/rlm_eap_tls.c: { "rsa_key_length", PW_TYPE_INTEGER,
./types/rlm_eap_tls/rlm_eap_tls.c: offsetof(EAP_TLS_CONF, rsa_key_length), NULL, "512" },
./types/rlm_eap_tls/rlm_eap_tls.c: { "dh_key_length", PW_TYPE_INTEGER,
./types/rlm_eap_tls/rlm_eap_tls.c: offsetof(EAP_TLS_CONF, dh_key_length), NULL, "512" },
./types/rlm_eap_tls/rlm_eap_tls.h: int rsa_key_length;
./types/rlm_eap_tls/rlm_eap_tls.h: int dh_key_length;
See? They're config options that aren't used. They should be deleted.
> Also, it might be a good idea to put a comment in the TLS cipher suite
> comment section that the Microsoft Windows supplicant in Windows XP SP2
> uses RC4-MD5 by default (TLS_RSA_WITH_RC4_128_MD5).
OK... the "cipher_list" configuration entry can be edited to force
particular methods, if you so desire.
> OpenSSL's 'HIGH' setting is probably the best for a Windows XP user
> as it uses EDH-RSA-DES-CBC3-SHA (TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA),
> so SHA1 is used for integrity, and DH is used for key exchange.
OK. That's good to note in the comments.
> Windows XP SP2 and earlier versions of Windows do not support AES
> for use in any of the EAP modes. Apparently, if you want to use AES
> you need to upgrade to Vista (See Security in Vista
OK...
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
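An added check, not code from this thread or from FreeRADIUS: it expands a candidate `cipher_list` string through the local OpenSSL (via Python's `ssl` module) and reports suites matching the weak markers the thread discusses (RC4, MD5, plus NULL/export/single-DES) and suites without an ephemeral DH/ECDH key exchange, so a value can be vetted before it goes into the rlm_eap_tls config. The weak-marker list and the Kx parsing are this example's own assumptions.

```python
import re
import ssl

# Markers of suites the thread discusses or that no deployment should
# accept (constructed policy for this check, not a FreeRADIUS default):
# RC4-MD5 is the Windows XP SP2 default; NULL/EXP/single DES are broken.
WEAK_MARKERS = ("RC4", "MD5", "NULL", "EXP", "DES-CBC-SHA")


def expand(cipher_list):
    """Ask the local OpenSSL which suites a cipher_list string enables.
    Returns the list of get_ciphers() entries, or [] when nothing can be
    selected (modern builds reject RC4-MD5 outright)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_list)
    except ssl.SSLError:
        return []
    return ctx.get_ciphers()


def audit(cipher_list):
    """Classify the enabled suites for an rlm_eap_tls cipher_list value.

    'weak'   : suites matching WEAK_MARKERS by name
    'no_pfs' : suites whose key exchange is not ephemeral. Assumption:
               OpenSSL prints Kx=RSA for static RSA, Kx=DH / Kx=ECDH
               for DHE / ECDHE and Kx=any for TLS 1.3 (always ephemeral);
               anything else is reported as lacking forward secrecy.
    """
    enabled, weak, no_pfs = [], [], []
    for suite in expand(cipher_list):
        name = suite["name"]
        enabled.append(name)
        if any(marker in name for marker in WEAK_MARKERS):
            weak.append(name)
        match = re.search(r"Kx=(\S+)", suite["description"])
        kx = match.group(1) if match else "?"
        if kx not in ("DH", "ECDH", "any"):
            no_pfs.append(name)
    return {"enabled": enabled, "weak": weak, "no_pfs": no_pfs}


if __name__ == "__main__":
    for spec in ("RC4-MD5", "HIGH", "HIGH:!kRSA"):
        r = audit(spec)
        print(f"{spec}: {len(r['enabled'])} suites, weak={r['weak']}, "
              f"no_pfs={r['no_pfs']}")
```

Note that "HIGH" on current OpenSSL builds still enables static-RSA suites (Kx=RSA), which the report lists under no_pfs; appending `!kRSA` removes them.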