On 15.12.2016 20.45, David Sommerseth wrote:
> If you have a shabby random number generator and no entropy gathering
> configured,
> those keys can be fairly poor. This goes in particular for embedded devices,
> but also in
> some cases also includes virtual machines (depends on if the
On 15/12/16 20:05, Magnus Kroken wrote:
> Hi Kevin
>
> On 14.12.2016 07.54, Kevin Long wrote:
>> Assuming an adversary has full access to intercept your network traffic,
>> and virtually limitless computing power, What would you do to make the
>> best OpenVPN setup?
> --snip--
>> 1. Use easy-rsa3
A working Quantum computer with sufficient capacity will obsolete EC, RSA etc.
It will all be game-over.
End of story. [At least mostly.]
But by the time a quantum computer with the sufficient qbits becomes available,
we'll likely understand [a lot] better the ramifications of such a machine and
On 14/12/16 14:40, Jan Just Keijser wrote:
> Hi,
>
> David's remarks are correct. I've added some small nuances below, but
> overall the answers do not change.
>
> On 14/12/16 12:40, David Sommerseth wrote:
>> On 14/12/16 07:54, Kevin Long wrote:
>>> 1. Use easy-rsa3 or equivalent openssl
Hi,
David's remarks are correct. I've added some small nuances below, but
overall the answers do not change.
On 14/12/16 12:40, David Sommerseth wrote:
> On 14/12/16 07:54, Kevin Long wrote:
>> 1. Use easy-rsa3 or equivalent openssl commands to generate your
>> keys/certificates using elliptic
On 14/12/16 07:54, Kevin Long wrote:
> 1. Use easy-rsa3 or equivalent openssl commands to generate your
> keys/certificates using elliptic curve (instead of RSA).
I'm no crypto expert, but I believe there are some concerns about EC
and post-quantum computing, where it is believed that RSA will be
Assuming an adversary has full access to intercept your network traffic, and
virtually limitless computing power, What would you do to make the best OpenVPN
setup? Performance taking a backseat to security here.
Here are a few ideas I’ve come across in my last day of seeking, and I would