The client software needs the following files:
- A key/certificate pair (vpn.key/vpn.cert) signed by our certification authority set up for OpenVPN and specific to each subscribed MyCrypNet access. It is in an SSL-compatible format and uses the asymmetric algorithm RSA.
- A configuration file (MyCrypNet.conf or MyCrypNet.ovpn), common to all users and client software but differing by operating system (Mac OS®, Windows®, Android™, iOS®, Linux®). This file contains a dissipation key that acts against DDoS attacks. It also contains the public certificate of our certification authority, common to all clients and the server and also based on RSA. The private key corresponding to that certificate is kept in protected storage and never communicated to the rest of the infrastructure; it is used to sign client and server certificates.
Handshake (authentication and session)
This process opens a VPN session or renegotiates it, at least once per hour.
- The client software sends the server it is trying to connect to a packet whose TLS headers are signed with the dissipation key (SSL/TLS authentication).
- The server accepts or rejects it according to the validity of the dissipation key signature, which reduces the risk of DDoS attacks. Because the TLS headers are light to generate, this gives an efficient first authentication.
- The client software sends its certificate to the server.
- The server checks the certificate signature against the public certificate of the certification authority that it holds and against a CRL (certificate revocation list) generated by the certification authority (currently internal, but publishable in the future so that the client software can invalidate servers).
- If the signature is valid, the server sends its certificate to the client software.
- The client software checks the certificate signature against the public certificate of the certification authority that it holds (the CRL will come later).
- If the signature is valid, the client software and the server are sure of each other's identity (as long as they trust the certification authority).
- Encryption and signature checks with an asymmetric key are heavy to compute compared with symmetric-key encryption and hash-based signatures. We generate an HMAC containing a session symmetric key and a hash. The Diffie-Hellman protocol is used to generate that HMAC without communicating it:
  - The client software sends the server a public base C, a public prime number and a public part calculated from this base, this prime number and a secret c.
  - The server sends the client software a public part S calculated from the base and the prime number sent by the client software and a secret s.
  - The secrets of the client software and the server never transit through the network. S*c = C*s = HMAC (working with the symmetric algorithm AES, CBC variant, for the key and SHA256 for the hash).
- The conversation starts.
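The Diffie-Hellman step above, as an added example that is not MyCrypNet's or OpenVPN's own code: each side combines its secret with the other's public part by modular exponentiation (S^c mod P = C^s mod P), then splits the result into a cipher key and an HMAC key. C and S name the two public parts; the toy group P, G and the labelled HMAC-SHA256 key split are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only (constructed): 2**127 - 1 is prime, but far
# too small for real use; deployments use standardized groups of 2048+ bits.
P = 2**127 - 1
G = 3

def keypair():
    """Return (secret, public part); only the public part is ever sent."""
    secret = secrets.randbelow(P - 3) + 2      # 2 <= secret <= P - 2
    return secret, pow(G, secret, P)

def shared_secret(own_secret, peer_public):
    """Combine our secret with the peer's public part, rejecting degenerate values."""
    if not 1 < peer_public < P - 1:            # 0, 1 and P-1 force a predictable result
        raise ValueError("invalid peer public part")
    return pow(peer_public, own_secret, P)

def session_keys(shared):
    """Split the shared value into a 256-bit cipher key and a 256-bit HMAC key.
    The labelled HMAC-SHA256 expansion is an assumption of this example."""
    raw = shared.to_bytes((P.bit_length() + 7) // 8, "big")
    cipher_key = hmac.new(raw, b"cipher", hashlib.sha256).digest()
    mac_key = hmac.new(raw, b"hmac", hashlib.sha256).digest()
    return cipher_key, mac_key

def handshake():
    """One exchange; returns the keys each side computed independently."""
    c, C = keypair()                           # client: secret c, public part C
    s, S = keypair()                           # server: secret s, public part S
    client_keys = session_keys(shared_secret(c, S))   # S^c mod P
    server_keys = session_keys(shared_secret(s, C))   # C^s mod P
    return client_keys, server_keys

if __name__ == "__main__":
    client_keys, server_keys = handshake()
    print("keys match:", client_keys == server_keys)
    print("cipher key:", client_keys[0].hex())
```

Calling `handshake()` again models the hourly renegotiation: fresh secrets give unrelated keys, which is what the forward-secrecy property relies on.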
This process encrypts the packets exchanged during a VPN session.
- The client software sends the server a packet encrypted with the session symmetric key and signed with the hash.
- If the packet has to go out to the Internet through an exit node, the server decrypts the packet with the session symmetric key, checks its origin and integrity with the hash and processes it.
- The server encrypts the answer coming from the Internet to the exit node.
- The client software decrypts the answer with the session symmetric key and checks its origin and integrity with the hash.
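Both the dissipation-key check in the handshake and the per-packet origin and integrity check described here come down to verifying an HMAC before doing any more expensive work. The following added example (not MyCrypNet's or OpenVPN's code) shows that gate with HMAC-SHA256; the packet layout (payload followed by a 32-byte tag), the keys and the sample packets are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size   # 32-byte HMAC-SHA256 tag

def seal(key, payload):
    """Append an HMAC-SHA256 tag computed over the payload."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()

def open_packet(key, packet):
    """Return the payload if the tag verifies, else None (packet is dropped)."""
    if len(packet) < TAG_LEN:                       # too short to carry a tag
        return None
    payload, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    # compare_digest runs in constant time, so timing does not reveal
    # how many leading bytes of a forged tag were correct
    return payload if hmac.compare_digest(tag, expected) else None

def triage(key, packets):
    """Label each packet; only 'accept' goes on to certificate checks or decryption."""
    return ["accept" if open_packet(key, p) is not None else "drop" for p in packets]

# Constructed sample traffic (not captured from a real session).
KEY = bytes(range(32))                 # stands in for the dissipation or session HMAC key
OTHER_KEY = bytes(32)                  # a sender that does not hold the key
good = seal(KEY, b"client hello")
tampered = good[:5] + b"X" + good[6:]  # one payload byte changed in transit
SAMPLES = [good, seal(OTHER_KEY, b"client hello"), tampered, b"short"]

if __name__ == "__main__":
    for verdict, pkt in zip(triage(KEY, SAMPLES), SAMPLES):
        print(verdict, len(pkt), "bytes")
```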
Cryptographic algorithms used
- AES (https://en.wikipedia.org/wiki/Advanced_Encryption_Standard): Symmetric algorithm. Gives better communication performance than RSA.
  - CBC variant: this AES variant provides resistance to replay attacks by inserting a random seed (the same text with the same key gives two different results).
  - Length: 256 bits.
- RSA (https://en.wikipedia.org/wiki/RSA_(cryptosystem)): Asymmetric algorithm. Provides signature checking and therefore verification of the parties' identities.
  - Length: 4096 bits.
- DH (https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange): Protocol. Ensures the generation of a symmetric key without communicating secret elements through the network. In conjunction with RSA, it provides resistance against "man-in-the-middle" attacks (https://en.wikipedia.org/wiki/Man-in-the-middle_attack) (someone cannot place himself in the middle of the communication and fake each party's identity to the other), because RSA signs the exchanges, ensuring the identity of both parties. Being done every hour, it ensures perfect forward secrecy (https://en.wikipedia.org/wiki/Forward_secrecy) (the previous symmetric key being destroyed, an attacker who obtained the secret elements of one session cannot use them for the next sessions).
- SHA256 (https://en.wikipedia.org/wiki/SHA-2): Hash algorithm. Provides signature checks faster than an asymmetric algorithm and checks packet integrity.
  - Length: 256 bits.
- HMAC (https://en.wikipedia.org/wiki/Hash-based_message_authentication_code): Protocol. It is used for packet encapsulation. It also provides the SSL/TLS packet signature with the dissipation key, reducing DDoS risks.
  - Variant: Composition of SHA256 and AES-256-CBC.
Other systems used
- OpenVPN (https://en.wikipedia.org/wiki/OpenVPN): Open source software used to create the MyCrypNet network. It implements the communication protocols described above (authentication, session and conversation).
- OpenSSL (https://en.wikipedia.org/wiki/OpenSSL): Open source library used by OpenVPN. It provides the implementation of the algorithms described above that the OpenVPN protocols need.