Opportunistic encryption (prototype) with libreswan 3.14

Swan lake - 5

Encryption by default, even with no authentication, why? Because it defend(s) against Pervasive Monitoring attacks without the need to sacrifice anonymity.

libreswan 3.14, which comes with initial (prototype) support for null auth, is available in Fedora 22 updates-testing.

Enabling it by default for connections can be achieved as follows:

# Write the OE (null auth) configuration
echo > /etc/ipsec.d/oe.conf <<EOC
# From: https://github.com/libreswan/libreswan/blob/master/testing/baseconfigs/all/etc/ipsec.d/ikev2-oe.conf
# default policy
conn packetdefault
        type=tunnel
        left=%defaultroute
        authby=null
        leftid=%null
        rightid=%null
        ikev2=insist
        right=%opportunistic
        failureshunt=passthrough
        negotiationshunt=passthrough
        auto=route
EOC

# Enable conf snippets in /etc/ipsec.d
sed -i "/include.*ipsec[.]d/ s/#include/include/" /etc/ipsec.conf

# Start ipsec (will generate nssdb if necessary)
service ipsec start

Now you can check that connections to other hosts (where OE is enabled) will establish secure connections right away (with no more aotaheadahead of time key exchanges):

# Monitor
tcpdump -i any proto 50
ipsec status
…
000 IPsec SAs: total(1), authenticated(0), anonymous(1)

This works fine for me on my local network, the security however, needs to be proven.

::: {#footer} [ September 14th, 2015 9:32am ]{#timestamp} [ipsec]{.tag} [fedora]{.tag} [libreswan]{.tag} :::