[Openvpn-devel,1/3] man: add security considerations to --compress section

Message ID 1528020718-12721-1-git-send-email-steffan@karger.me
State Accepted
Headers show
Series [Openvpn-devel,1/3] man: add security considerations to --compress section | expand

Commit Message

Steffan Karger June 3, 2018, 12:11 a.m. UTC
As Ahamed Nafeez reported to the OpenVPN security team, we did not
sufficiently inform our users about the risks of combining encryption
and compression.  This patch adds a "Security Considerations" paragraph
to the --compress section of the manpage to point the risks out to our

Signed-off-by: Steffan Karger <steffan@karger.me>
 doc/openvpn.8 | 10 ++++++++++
 1 file changed, 10 insertions(+)


Gert Doering June 3, 2018, 9 a.m. UTC | #1
This makes sense.  Whatever else we do, explaining the *why* parts 
is helping users make an educated choice.

Acked-By: Gert Doering <gert@greenie.muc.de>

Your patch has been applied to the master and release/2.4 branch.

commit a59fd1475089eda4c89942d345070bb942180223 (master)
commit 6795a5f3d55f658fc1a28eb9f3b11d1217e3329c (release/2.4)
Author: Steffan Karger
Date:   Sun Jun 3 12:11:56 2018 +0200

     man: add security considerations to --compress section

     Signed-off-by: Steffan Karger <steffan@karger.me>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <1528020718-12721-1-git-send-email-steffan@karger.me>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16919.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>

kind regards,

Gert Doering

Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


diff --git a/doc/openvpn.8 b/doc/openvpn.8
index 4114f40..0e5d467 100644
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -2516,6 +2516,16 @@  If the
 parameter is empty, compression will be turned off, but the packet
 framing for compression will still be enabled, allowing a different
 setting to be pushed later.
+.B Security Considerations
+Compression and encryption is a tricky combination.  If an attacker knows or is
+able to control (parts of) the plaintext of packets that contain secrets, the
+attacker might be able to extract the secret if compression is enabled.  See
+e.g. the CRIME and BREACH attacks on TLS which also leverage compression to
+break encryption.  If you are not entirely sure that the above does not apply
+to your traffic, you are advised to *not* enable compression.
 .B \-\-comp\-lzo [mode]