On Friday, May 24, 2013 12:21:47 PM Phil Mayers wrote:
On 24/05/13 11:44, Pieter Hulshoff wrote:
Hello all,
Does FreeRADIUS support AES-GCM in EAP-TLS? I couldn't find the term in
the
documentation, the wiki or the mailinglist archives, but perhaps I'm
looking in the wrong place?
Typically this is down the TLS libraries; it's not usually the case that
the application needs to do anything.
It seems I have a lot to learn yet about what is and is not a part of
FreeRADIUS. My apologies for pushing (slightly) OT subjects onto the
mailinglist.
That said, EAP-TLS is typically TLS 1.0. AIUI, AEAD ciphers require TLS
1.2 - see section 4 of RFC 5288. But again, FreeRADIUS doesn't involve
itself in this level of detail - that's an aspect of the TLS library
(OpenSSL) we use, and whatever the EAP-TLS client is using.
I guess that if we want to use AEAD cyphers we'll need to find another TLS
library or adapt/contribute to OpenSSL?
Note also that EAP-TLS (unlike other TLS-based EAP methods, such as PEAP
or TTLS) never actually sends any data over the TLS session;
essentially, it consists solely of the handshake. In TLS terms, EAP-TLS
never sends any TLS records of type=23 (application data). So, the
negotiated cipher is not used for very much.
The EAP-TLS Finished (type=20) are secured/signed with this negotiated cipher
though, correct?
Slightly OT, there seems to be some degree of uncertainty about GCM in
general, and whether it's a sensible cipher mode - for example, see
http://www.imperialviolet.org/2013/01/13/rwc03.html
Interesting article nontheless. I guess I've been working as a hardware
engineer for too long; I haven't been bothered by timing side-channel attacks
too much. :) It's something to take into consideration though.
Kind regards,
Pieter Hulshoff
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html