On 17/06/18 00:07, Alex K wrote: > > > On Sat, Jun 16, 2018 at 12:58 PM, Gert Doering <g...@greenie.muc.de > <mailto:g...@greenie.muc.de>> wrote: > > Hi, > > On Sat, Jun 16, 2018 at 12:29:27AM +0300, Alex K wrote: > > Hi all, > > > > I have a server/client setup where I have set the following directive at > > server and client: > > > > cipher AES-128-CBC > > > > When establishing VPN at client logs I see: > > > > Fri Jun 15 17:25:22 2018 Data Channel Encrypt: *Cipher 'AES-256-GCM' > > *initialized > > with 256 bit key > [..] > > The log indicates that Cipher AES-256-GCM is used. Am i missing sth? Is > > this expected? > > cipher-negotiation decided that something "better" is available :-) > > > Is it AES-128-CBC insecure? I was thinking to use it to reduce the > encapsulation overhead and perhaps the CPU utilization that AES-256-GCM might > incur. > I am running VPN clients on small devices.
No, AES-128-CBC is still reasonable. AES-256 is a bit better if considering a post-quantum scenario (the crypto geeks can provide better details here). The advantage GCM has over CBC is that authentication happens in the same crypto operation as the decryption. While CBC needs to have decryption and authentication as two separate steps, which is more costly CPU wise. The network packet payload is also a bit smaller per packet with GCM. Compared to --auth SHA1, I believe the packet size is 8 bytes smaller, and even more if using --auth SHA256. Small devices might not be too bad at AES-GCM ciphers as it used to be though; it depends on what kind hardware generation it is and if the SSL library can utilize the hardware acceleration. I've heard that more and more mobile phones these days do have AES hardware support (often as an additional "support CPU"), but even some ARM Cortex (ARMv8) has the possibility for AES built into the CPU as well. But generally, I would advice you to run some thorough performance tests before deciding if CBC or GCM is better for you. -- kind regards, David Sommerseth OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
