I was checking out a VPN provider online and asking them some questions and it's my understanding that OpenVPN has perfect forward secrecy, but this was their reply; 'If you are referring to Vpn, there is not PFS in openvpn'.
I guess so?
http://openvpn.net/index.php/open-sourc ... envpn.html
Thanks...
Does OpenVPN Provide Perfect Forward Secrecy?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
DasFox
- OpenVPN User
- Posts: 42
- Joined: Sat Dec 04, 2010 4:16 am
-
Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: Does OpenVPN Provide Perfect Forward Secrecy?
"perfect forward secrecy" is reffered to SSL not the OpenVPN itself, that uses SSL.
-
DasFox
- OpenVPN User
- Posts: 42
- Joined: Sat Dec 04, 2010 4:16 am
Re: Does OpenVPN Provide Perfect Forward Secrecy?
So Perfect Forward Secrecy is just SSL?Mimiko wrote:"perfect forward secrecy" is reffered to SSL not the OpenVPN itself, that uses SSL.
What does this mean then?
If you use SSL/TLS authentication, you have the benefit of "perfect forward secrecy".
THANKS
-
krzee
- Forum Team
- Posts: 728
- Joined: Fri Aug 29, 2008 5:42 pm
Re: Does OpenVPN Provide Perfect Forward Secrecy?
openvpn provides forward security when you use certificates (client/server).
when you use shared key (ptp) it does not.
forward security refers to the fact that the effective encryption keys are changed every hour, so if someone somehow figured out the encryption key being used to encrypt the traffic, they would only be able to decrypt the traffic from that hour
when you use shared key (ptp) it does not.
forward security refers to the fact that the effective encryption keys are changed every hour, so if someone somehow figured out the encryption key being used to encrypt the traffic, they would only be able to decrypt the traffic from that hour