| 1 |
On Monday 13 May 2013 03:13:27 Adam Carter wrote: |
| 2 |
> > You can read a comparison between the *Swans here, but things have moved |
| 3 |
> > on since; e.g. StrongSwan supports IKEv1 in Aggressive Mode, |
| 4 |
> |
| 5 |
> Aggressive mode with pre-shared keys is vulnerable to offline dictionary |
| 6 |
> attack so you might as well use main mode. If for some reason you have to |
| 7 |
> use aggressive mode use a long randomly generated PSK. |
| 8 |
|
| 9 |
Indeed it is vulnerable, because the hash of the PSK is sent out in the |
| 10 |
initial handshake. This can be captured by eavesdropping and cracked by brute |
| 11 |
force off line. As suggested long keys help, especially if they are changed |
| 12 |
often. |
| 13 |
|
| 14 |
It is best, however, to not use a PSK at all and instead set up SSL |
| 15 |
certificates for VPN gateway and client machines authentication and RSA |
| 16 |
encryption. This makes it easy to revoke a single SSL certificate if a client |
| 17 |
is compromised, instead of having to change PSKs for any number of machines |
| 18 |
that are using the VPN network. |
| 19 |
-- |
| 20 |
Regards, |
| 21 |
Mick |
Archives