What if D-H groups were compromised?

ivarstrandberg · ‎02-27-2024

Hi.

I'm trying to write a short guide, for internal use, for Site-to-Site VPNs.

The guide will describe the different settings, what they mean, and recommended values.

I pay particular attention to D-H groups, and now I've become a bit confused (by ChatGPT, who can't really be trusted).

Let's say some entity has compromised any D-H group you're using. Your PSK and the rest of the config has not leaked, so the entity is only getting whatever data that passes on the wire.

Would this compromise the entire VPN tunnel, or would the attacker more info?

Will a feature like PPK (RFC 8784) make a difference in a scenario like this?

MHM Cisco World · ‎02-27-2024

DH group even if hacker know it he can not use to predict key.

DH group is like seed for key' it not the key.

The ipsec peers exchange it as clear text in phase1.

MHM

ivarstrandberg · ‎02-28-2024

So even if D-H groups were no longer providing any protection, IPSec tunnels would still be safe to use?

Pavan Gundu · ‎02-28-2024

Initially during the VPN formation, there will be an Asymmetric type of exchange, after both the parties have the required information they will form a shared symmetric key which is then used for encryption of the data.

Note that the shared key computation depends on many other things besides D-H groups.

And generally people enable "PFS" on their tunnels, even in case of leak of the symmetric key it can only be used to decrypt partial amount of data, not for the data in entire lifetime of the VPN tunnel. Since after a re-key process fresh keys is generated.

ivarstrandberg · ‎02-29-2024

Yes, but if D-H in general was compromised, wouldn't that also apply to every re-key?