Patch: In https://github.com/OpenVPN/openvpn/blob/55af8e9a4138db0c9de6f6e29dec9839231ec798/src/openvpn/ssl.h#L113 you have to change

#define TLS_OPTIONS_LEN 512 (512 bytes = 4096 bit)

to

#define TLS_OPTIONS_LEN 2048 (2048 bytes = 16384 bit)
NSA says you have to protect an AES-256 key with RSA/Diffie-Hellman 15360 bit: http://www.nsa.gov/business/programs/elliptic_curve.shtml
4096 bit RSA/Diffie-Hellman is only secure for AES-128. NSA: "To use RSA or Diffie-Hellman to protect 128-bit AES keys one should use 3072-bit parameters"

EU says you have to protect an AES-256 key with RSA 15424 bit: http://ec.europa.eu/information_society/apps/projects/logos/6/216676/080/deliverables/001_DSPA20.pdf Page 30 (39 of 121), Table 7.2

Please support 16384 bit RSA/Diffie-Hellman keys like NSS/OpenSSL. Thank you.

PS: Most people don't know that using RSA 4096 bit with Diffie-Hellman 1024 bit results in the same security as using an RSA 1024 bit key. So additionally you should implement a check that the RSA and DH keys have the same length.

Notice: In OpenSSL's "crypto/dh/dh.h" there is a 10000 bit limit for Diffie-Hellman parameters. So it's currently not possible to use DHE as protection for anything over AES-128. The devs don't react to my mails.
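The length-matching check proposed in the PS, as an added example that is not part of this report or of OpenVPN: it reads the modulus size from a PKCS#1 RSAPublicKey and the prime size from a PKCS#3 DHParameter DER blob and rates the pair with the NIST SP 800-57 Part 1 finite-field table, so a 4096-bit RSA key paired with 1024-bit DH parameters is reported at the 80-bit level of a 1024-bit RSA key. The minimal DER encoder and the sample key sizes are constructed here for the demonstration.

```python
# Added example (not OpenVPN code): rate an RSA/DH pair by its weaker member.
# FFC_STRENGTH is NIST SP 800-57 Part 1 Table 2; the DER encoder and the
# SAMPLE_* blobs below are constructed test input, not real keys.

FFC_STRENGTH = [(1024, 80), (2048, 112), (3072, 128), (7680, 192), (15360, 256)]

def symmetric_strength(modulus_bits):
    """Symmetric-equivalent strength (bits) of an RSA/DH modulus; 0 if under 1024."""
    level = 0
    for bits, strength in FFC_STRENGTH:
        if modulus_bits >= bits:
            level = strength
    return level

def _read_tlv(buf, pos):
    """Parse one DER tag-length-value at pos; returns (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def first_integer_bits(der):
    """Bit length of the first INTEGER in the outer SEQUENCE (RSA modulus / DH prime)."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, value, _ = _read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER")
    return int.from_bytes(value, "big").bit_length()   # a 0x00 sign pad adds no bits

def check_pair(rsa_der, dh_der):
    """Returns (rsa_bits, dh_bits, effective_strength): the pair is only as strong as its weaker member."""
    rsa_bits, dh_bits = first_integer_bits(rsa_der), first_integer_bits(dh_der)
    return rsa_bits, dh_bits, min(symmetric_strength(rsa_bits), symmetric_strength(dh_bits))

# --- constructed sample input: minimal DER encoder for SEQUENCE { INTEGER, INTEGER } ---
def _der_len(n):
    lb = n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")
    return bytes([n]) if n < 0x80 else bytes([0x80 | len(lb)]) + lb

def der_int(n):
    body = n.to_bytes(n.bit_length() // 8 + 1, "big")   # +1 byte keeps the sign bit clear
    return b"\x02" + _der_len(len(body)) + body

def der_seq(*items):
    body = b"".join(items)
    return b"\x30" + _der_len(len(body)) + body

SAMPLE_RSA_4096 = der_seq(der_int((1 << 4095) | 1), der_int(65537))   # 4096-bit modulus, e=65537
SAMPLE_DH_1024 = der_seq(der_int((1 << 1023) | 1), der_int(2))        # 1024-bit prime, g=2
```

check_pair(SAMPLE_RSA_4096, SAMPLE_DH_1024) returns (4096, 1024, 80); the same routine run over openssl-generated DER files flags a mismatched pair before it is deployed.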