    Someone on Reddit linked to this section of the FAQ yesterday, I was like…how have I never seen this before? Am I losing my mind? Thanks for putting me at ease. Awesome addition to the FAQ!

        Isn’t IPsec woefully insecure? Kind of shocked there’s no analysis in the text of its actual security… expected more from openbsd tbh

          My understanding is that it is insecure in the same sense TLS is insecure: flip the wrong switches or support the old defaults and risk downgrade attacks, but if you stick with the modern bits you’ll be safe. Happy to hear if I’m wrong though.

          I would agree that more security analysis could be helpful… IKEv1 and MSCHAP are scary bits.

            I haven’t trusted it since this review due to its complexity and how that usually leads to attacks:

            A Cryptographic Evaluation of IPsec

            That the NSA encouraged it externally but forbid it for highly-classified materials was also worrying. They usually did that when they had attacks on something. They have their own custom version of IPsec they use in Type 1-certified equipment. That’s the stuff they try to hack, fail to hack, and trust their secrets to.

            All that was why WireGuard was a really exciting development. That its protocol passed formal verification means it’s even a candidate for EAL6-7 and Type 1 certification. It might actually be better than what they’re using.

              I don’t know almost anything about IPSec but the one thing I have consistently heard is that it’s very complex and hard to set up - one of the biggest hurdles for security. I believe it was Theo himself who noted that security features are useless unless they’re on by default or so easy everyone uses them. Hence, presumably, this FAQ. On the other hand @nickpsecurity mentioned WireGuard which I have heard is much easier. (To be fair though I haven’t tried anything myself.)

                I don’t know how easy it is to use since I don’t use it yet. I just know it’s way less complex, uses good crypto, has a verified protocol, and apparently good code. That checks all the right boxes for me.