From: Peter Müller <peter.mueller@ipfire.org>
Date: Sat, 6 Aug 2022 07:17:47 +0000 (+0000)
Subject: vpnmain.cgi: Mark MODP-1536 as broken, phase out MODP-2048
X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=46803376d54f7e42d0eefe25155de82672bff41e

vpnmain.cgi: Mark MODP-1536 as broken, phase out MODP-2048

https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf (released in
2015) recommends "to use primes of 2048 bits or larger", to which BSI's
techical guideline BSI-TR-02102 (https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=5)
concurs. The latter also recommends not to use DH groups comprising of
less than 2000 bits after 2022, and shift to 3000 bit DH groups earlier
as a precaution.

According to RFC 3526, section 8, MODP-1536 provides an estimated
security between 90 and 120 bits, a value that can be reasonably
considered broken today, as it has been so for other types of
cryptographic algorithms already, and per section 2.4 in the
aforementioned paper, breaking 1024-bit DH is considered feasible for
the NSA in 2015, which does not inspire confidence for MODP-1536 in
2022.

Therefore, this patch suggests to mark MODP-1536 as broken, since it
de facto is, and tag MODP-2048 as weak. The latter is also removed from
the default selection, so newly created VPN connections won't use it
anymore, to follow BSI's recommendations of using DH groups >= 3000 bits
in 2022 and later.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 3652627e9b..9828b2f9ed 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2020  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2022  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -2360,11 +2360,11 @@ END
 	#use default advanced value
 	$cgiparams{'IKE_ENCRYPTION'}	= 'chacha20poly1305|aes256gcm128|aes256gcm96|aes256gcm64|aes256|aes192gcm128|aes192gcm96|aes192gcm64|aes192|aes128gcm128|aes128gcm96|aes128gcm64|aes128'; #[18];
 	$cgiparams{'IKE_INTEGRITY'}		= 'sha2_512|sha2_256'; #[19];
-	$cgiparams{'IKE_GROUPTYPE'}             = 'curve448|curve25519|4096|3072|2048'; #[20];
+	$cgiparams{'IKE_GROUPTYPE'}             = 'curve448|curve25519|4096|3072'; #[20];
 	$cgiparams{'IKE_LIFETIME'}		= '3'; #[16];
 	$cgiparams{'ESP_ENCRYPTION'}	= 'chacha20poly1305|aes256gcm128|aes256gcm96|aes256gcm64|aes256|aes192gcm128|aes192gcm96|aes192gcm64|aes192|aes128gcm128|aes128gcm96|aes128gcm64|aes128'; #[21];
 	$cgiparams{'ESP_INTEGRITY'}		= 'sha2_512|sha2_256'; #[22];
-	$cgiparams{'ESP_GROUPTYPE'}             = 'curve448|curve25519|4096|3072|2048'; #[23];
+	$cgiparams{'ESP_GROUPTYPE'}             = 'curve448|curve25519|4096|3072'; #[23];
 	$cgiparams{'ESP_KEYLIFE'}		= '1'; #[17];
 	$cgiparams{'COMPRESSION'}		= 'off'; #[13];
 	$cgiparams{'ONLY_PROPOSED'}		= 'on'; #[24];
@@ -3146,8 +3146,8 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
 					<option value='6144' $checked{'IKE_GROUPTYPE'}{'6144'}>MODP-6144</option>
 					<option value='4096' $checked{'IKE_GROUPTYPE'}{'4096'}>MODP-4096</option>
 					<option value='3072' $checked{'IKE_GROUPTYPE'}{'3072'}>MODP-3072</option>
-					<option value='2048' $checked{'IKE_GROUPTYPE'}{'2048'}>MODP-2048</option>
-					<option value='1536' $checked{'IKE_GROUPTYPE'}{'1536'}>MODP-1536</option>
+					<option value='2048' $checked{'IKE_GROUPTYPE'}{'2048'}>MODP-2048 ($Lang::tr{'vpn weak'})</option>
+					<option value='1536' $checked{'IKE_GROUPTYPE'}{'1536'}>MODP-1536 ($Lang::tr{'vpn broken'})</option>
 					<option value='1024' $checked{'IKE_GROUPTYPE'}{'1024'}>MODP-1024 ($Lang::tr{'vpn broken'})</option>
 					<option value='768' $checked{'IKE_GROUPTYPE'}{'768'}>MODP-768 ($Lang::tr{'vpn broken'})</option>
 				</select>
@@ -3169,8 +3169,8 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
 					<option value='6144' $checked{'ESP_GROUPTYPE'}{'6144'}>MODP-6144</option>
 					<option value='4096' $checked{'ESP_GROUPTYPE'}{'4096'}>MODP-4096</option>
 					<option value='3072' $checked{'ESP_GROUPTYPE'}{'3072'}>MODP-3072</option>
-					<option value='2048' $checked{'ESP_GROUPTYPE'}{'2048'}>MODP-2048</option>
-					<option value='1536' $checked{'ESP_GROUPTYPE'}{'1536'}>MODP-1536</option>
+					<option value='2048' $checked{'ESP_GROUPTYPE'}{'2048'}>MODP-2048 ($Lang::tr{'vpn weak'})</option>
+					<option value='1536' $checked{'ESP_GROUPTYPE'}{'1536'}>MODP-1536 ($Lang::tr{'vpn broken'})</option>
 					<option value='1024' $checked{'ESP_GROUPTYPE'}{'1024'}>MODP-1024 ($Lang::tr{'vpn broken'})</option>
 					<option value='768' $checked{'ESP_GROUPTYPE'}{'768'}>MODP-768 ($Lang::tr{'vpn broken'})</option>
 					<option value='none' $checked{'ESP_GROUPTYPE'}{'none'}>- $Lang::tr{'none'} -</option>