PfSense 2.5 will only work with AES-NI capable CPUs
-
So those customers can use AES-GCM, right?
I don't disagree. I'm merely saying if you were going to pick one, AES-GCM is still the natural choice.
And the cache timing attacks are also pretty irrelevant to a purely local instance. Back to square one.
Agreed. While I appreciate their desire to get the crypto right, I don't think it's necessary to prevent systems that lack AES-NI from running pfSense 2.5.
-
Local instances of RESTCONF aren't vulnerable at all.
-
pfSense's crypto library, OpenSSL, already includes a bitsliced AES implementation that provides resistance to cache timing attacks
-
OpenSSL will prefer AES-NI, when available, for customers that are concerned.
-
Mounting a successful cache timing attack under a realistic attack scenario would be extremely difficult.
-
And, ChaCha20-Poly1305 is a viable alternative.
At any rate, the fundamental argument "RFC 7525 REQUIRES [AES-GCM]" is bogus, the RFC says no such thing. There are good reasons to implement multiple algorithms/modes, and all this handwaving is just confusing.
Indeed. RFC 7525 recommends the AES-GCM cipher suites, but does not require them. And beyond that recommendation, ChaCha20-Poly1305 isn't any less RFC compliant than AES-GCM. ChaCha20-Poly1305 is specified in RFC 7905, and AES-GCM isn't a mandatory-to-implement TLS 1.2 cipher suite, either. Software support for ChaCha is a bit more limited, but Netgate controls the software on both endpoints anyway.
-
-
I didn't read all 6 pages but ….
I use pfSense on a j1900 Supermicro based home built router. I like pfSense because it supports multiple simultaneous OpenVPN instances.
Just in case my J1900 no longer works at a later time, are there any other router implementations (ipfire, sophos, etc.) that support multiple OpenVPN instances. I know all don't but some might.
Thanks.
-
I didn't read all 6 pages but ….
I use pfSense on a j1900 Supermicro based home built router. I like pfSense because it supports multiple simultaneous OpenVPN instances.
Just in case my J1900 no longer works at a later time, are there any other router implementations (ipfire, sophos, etc.) that support multiple OpenVPN instances. I know all don't but some might.
Thanks.
This forum is about pfSense hardware. You should try the General Discussion or better yet the respective forums of other distributions.
-
I didn't read all 6 pages but ….
I use pfSense on a j1900 Supermicro based home built router. I like pfSense because it supports multiple simultaneous OpenVPN instances.
Just in case my J1900 no longer works at a later time, are there any other router implementations (ipfire, sophos, etc.) that support multiple OpenVPN instances. I know all don't but some might.
Thanks.
This forum is about pfSense hardware. You should try the General Discussion or better yet the respective forums of other distributions.
Thanks, but it's relevant here in this thread.
pfSense says it won't support my motherboard in a couple of years. What are the options given my needs? Had pfSense not stated this change, you would be somewhat correct. The forum police are some of the most annoying people on earth. I'll figure out which ones support the J1900. I don't feel like downloading and experimenting with 10 - 20 other firewalls just to see how openvpn works on it.
-
Thanks, but it's relevant here in this thread.
pfSense says it won't support my motherboard in a couple of years. What are the options given my needs? Had pfSense not stated this change, you would be somewhat correct. The forum police are some of the most annoying people on earth. I'll figure out which ones support the J1900. I don't feel like downloading and experimenting with 10 - 20 other firewalls just to see how openvpn works on it.
Sorry but it's not relevant. I removed the off-topic comments. You are welcome to discuss 3rd party solutions on their forums.
-
I didn't read all 6 pages but ….
I use pfSense on a j1900 Supermicro based home built router. I like pfSense because it supports multiple simultaneous OpenVPN instances.
Just in case my J1900 no longer works at a later time, are there any other router implementations (ipfire, sophos, etc.) that support multiple OpenVPN instances. I know all don't but some might.
Thanks.
This forum is about pfSense hardware. You should try the General Discussion or better yet the respective forums of other distributions.
Thanks, but it's relevant here in this thread.
pfSense says it won't support my motherboard in a couple of years. What are the options given my needs? Had pfSense not stated this change, you would be somewhat correct. The forum police are some of the most annoying people on earth. I'll figure out which ones support the J1900. I don't feel like downloading and experimenting with 10 - 20 other firewalls just to see how openvpn works on it.
How about in two years you pickup a j3355 off eBay for $15 and save yourself the hassle.
-
I didn't read all 6 pages but ….
I use pfSense on a j1900 Supermicro based home built router. I like pfSense because it supports multiple simultaneous OpenVPN instances.
Just in case my J1900 no longer works at a later time, are there any other router implementations (ipfire, sophos, etc.) that support multiple OpenVPN instances. I know all don't but some might.
Thanks.
This forum is about pfSense hardware. You should try the General Discussion or better yet the respective forums of other distributions.
Thanks, but it's relevant here in this thread.
pfSense says it won't support my motherboard in a couple of years. What are the options given my needs? Had pfSense not stated this change, you would be somewhat correct. The forum police are some of the most annoying people on earth. I'll figure out which ones support the J1900. I don't feel like downloading and experimenting with 10 - 20 other firewalls just to see how openvpn works on it.
How about in two years you pickup a j3355 off eBay for $15 and save yourself the hassle.
Thanks. Nice idea but I have another plan. Moderators prevent me from describing it.
-
Back in 2006 when i first used FreeNas (Opensource software based on FreeBSD to turn a old pc in to a NAS, a fork of mOnOwall),
it worked on the oldest hardware you could think of, like Pentium II or III and even on Thin Clients.
Arround 5 years later, the software became so "heavy" that the minimum requirements where :
Multicore 64Bit cpu,
8Gb minimum bootdrive
8Gb RAM !!!
When i first read the article about pfSense 2.5 and only work with AES-NI capable cpu's, i get a "deja vu".
What started out as a lightweight software is now turning to become a bulldozer which demands
for faster and faster (and newer) hardware.
So am i the only one that think it's like "it's all about the benjamins" ?Grtz
DeLorean -
Back in 2006 when i first used FreeNas (Opensource software based on FreeBSD to turn a old pc in to a NAS, a fork of mOnOwall),
it worked on the oldest hardware you could think of, like Pentium II or III and even on Thin Clients.
Arround 5 years later, the software became so "heavy" that the minimum requirements where :
Multicore 64Bit cpu,
8Gb minimum bootdrive
8Gb RAM !!!
When i first read the article about pfSense 2.5 and only work with AES-NI capable cpu's, i get a "deja vu".
What started out as a lightweight software is now turning to become a bulldozer which demands
for faster and faster (and newer) hardware.
So am i the only one that think it's like "it's all about the benjamins" ?Grtz
DeLoreanAES-NI is not exclusive to Netgate hardware. AES-NI has been around for many years, it's not considered as a "heavy" requirement. It may be about the benjamins, but not on our end.
-
We are giving everyone a heads up for almost two years in advance, they will require a CPU from 2011 or newer. When pfSense 2.5 is released, pfSense 2.4 will be supported for another year or so.
To be fair, not all chips released in/after 2011 included AES-NI. The low-power Celerons come to mind.
And some ATOM processors… :-\
Sales Order Date: 1/11/2015 11:46:56 AM
JetWay JNF9B-2700 Intel Atom D2700 2.13GHz Intel NWho cares when you bought. Intel released that CPU 6 years ago.
http://ark.intel.com/products/59683/Intel-Atom-Processor-D2700-1M-Cache-2_13-GHz
Research your hardware before you buy it…
-
We are giving everyone a heads up for almost two years in advance, they will require a CPU from 2011 or newer. When pfSense 2.5 is released, pfSense 2.4 will be supported for another year or so.
To be fair, not all chips released in/after 2011 included AES-NI. The low-power Celerons come to mind.
And some ATOM processors… :-\
Sales Order Date: 1/11/2015 11:46:56 AM
JetWay JNF9B-2700 Intel Atom D2700 2.13GHz Intel NWho cares when you bought. Intel released that CPU 6 years ago.
http://ark.intel.com/products/59683/Intel-Atom-Processor-D2700-1M-Cache-2_13-GHz
Research your hardware before you buy it…
Until last week, what would have prompted someone who doesn't need a high-performance VPN to in any way care about AES-NI?
And, I'll note you don't need to go back to 2011 to find new Intel processors released without AES-NI. DAVe3283 provided a nice link to a list of current CPUs without AES-NI:
By way of example, this is the list of Intel processors currently being sold with at least 2 cores and that DON'T have AES-NI: https://ark.intel.com/Search/FeatureFilter?productType=processors&CoreCountMin=2&AESTech=false&FilterCurrentProducts=true
At this time, there are 233 processors on that list. If you restrict yourself to 4+ core processors, there are still 59 actively sold processors without AES-NI! Several of them were launched Q4 of last year, so we aren't just talking old stock laying around. -
We are giving everyone a heads up for almost two years in advance, they will require a CPU from 2011 or newer. When pfSense 2.5 is released, pfSense 2.4 will be supported for another year or so.
To be fair, not all chips released in/after 2011 included AES-NI. The low-power Celerons come to mind.
And some ATOM processors… :-\
Sales Order Date: 1/11/2015 11:46:56 AM
JetWay JNF9B-2700 Intel Atom D2700 2.13GHz Intel NWho cares when you bought. Intel released that CPU 6 years ago.
http://ark.intel.com/products/59683/Intel-Atom-Processor-D2700-1M-Cache-2_13-GHz
Research your hardware before you buy it…
Until last week, what would have prompted someone who doesn't need a high-performance VPN to in any way care about AES-NI?
And, I'll note you don't need to go back to 2011 to find new Intel processors released without AES-NI. DAVe3283 provided a nice link to a list of current CPUs without AES-NI:
By way of example, this is the list of Intel processors currently being sold with at least 2 cores and that DON'T have AES-NI: https://ark.intel.com/Search/FeatureFilter?productType=processors&CoreCountMin=2&AESTech=false&FilterCurrentProducts=true
At this time, there are 233 processors on that list. If you restrict yourself to 4+ core processors, there are still 59 actively sold processors without AES-NI! Several of them were launched Q4 of last year, so we aren't just talking old stock laying around.For anyone actually purchasing hardware and not just repurposing old hardware, I would hope the desire to have a remotely future proof purchase would've prompted someone to care about AES-NI. VPN, especially in the US, is becoming much more commonly needed and so are faster internet connections. At this point it's not possible to have any sort of efficient encryption capability without it. Sure, you can get functional encryption without it right now, but not efficient. Again, if you're spending money, even last week before this announcement, it's something that should be considered, period.
EDIT: and that list of CPUs is terrible. I think we can safely exclude atom's meant for cell phones and Xeon Phi's from contention for possible PFSense duty…
EDIT2: the only way to make that CPU list not terrible, is to at least add Intel64 (x86-64) to the filter, as it's another relevant feature that might be worthwhile to have for future proof purchases in 2017.... add that little gem to the filter and they've literally only released 1 CPU since q2 2015 (basically the last 2 years) without AES-NI. And if you look at quad cores, it's only 1 CPU released without since Q3 2014...
Quit whining about your terrible purchase...
-
Until last week, what would have prompted someone who doesn't need a high-performance VPN to in any way care about AES-NI?
We talked about the importance of having AES-NI for a lot longer than that. You can find many "will this work" threads on our forums and /r/PFSENSE where others point out AES-NI importance as well.
And, I'll note you don't need to go back to 2011 to find new Intel processors released without AES-NI. DAVe3283 provided a nice link to a list of current CPUs without AES-NI:
By way of example, this is the list of Intel processors currently being sold with at least 2 cores and that DON'T have AES-NI: https://ark.intel.com/Search/FeatureFilter?productType=processors&CoreCountMin=2&AESTech=false&FilterCurrentProducts=true
At this time, there are 233 processors on that list. If you restrict yourself to 4+ core processors, there are still 59 actively sold processors without AES-NI! Several of them were launched Q4 of last year, so we aren't just talking old stock laying around.We are aware not all CPU's from 2011 onwards have AES-NI, that's why the heads-up is over a year in advance.
-
We talked about the importance of having AES-NI for a lot longer than that. You can find many "will this work" threads on our forums and /r/PFSENSE where others point out AES-NI importance as well.
While I believe you, this announcement was the first time I ever saw the importance of AES-NI referenced outside of VPN. Heck, I'm even having trouble searching for examples where it came up on reddit (again, outside of VPN). I'm sure examples exist, but I don't think it was very common.
We are aware not all CPU's from 2011 onwards have AES-NI, that's why the heads-up is over a year in advance.
For systems that don't get refreshed very often, but are rather important to patch for security updates, one year doesn't seem all that long. While 2.4 will presumably be supported for one year, I imagine packages may see the end of support before then. And even if that doesn't happen, two years doesn't seem all that long, either.
And, as you know, you're literally going to have to go out of your way to prevent systems that don't support AES-NI from working. You're using OpenSSL, which automatically falls back to the fabled bit-sliced AES implementation. Presumably you're going to have to add a check on boot to prevent pfSense from starting on non-AES-NI systems.
While it sounds well-intentioned, it seems pretty unnecessary. Users of Netgate hardware will use AES-NI regardless. Home users of the Community Edition might end up using software crypto, but those users are unlikely to use the cloud management functionality, which is, as far as I can tell, the only place where could plausibly be a problem. And even in those cases, those users would fall back to a bit-sliced AES implementation if they have a CPU that supports SSE3. And that's to say nothing of the difficult attack models necessary for cache timing attacks.
-
We talked about the importance of having AES-NI for a lot longer than that. You can find many "will this work" threads on our forums and /r/PFSENSE where others point out AES-NI importance as well.
While I believe you, this announcement was the first time I ever saw the importance of AES-NI referenced outside of VPN. Heck, I'm even having trouble searching for examples where it came up on reddit (again, outside of VPN). I'm sure examples exist, but I don't think it was very common.
We are aware not all CPU's from 2011 onwards have AES-NI, that's why the heads-up is over a year in advance.
For systems that don't get refreshed very often, but are rather important to patch for security updates, one year doesn't seem all that long. While 2.4 will presumably be supported for one year, I imagine packages may see the end of support before then. And even if that doesn't happen, two years doesn't seem all that long, either.
And, as you know, you're literally going to have to go out of your way to prevent systems that don't support AES-NI from working. You're using OpenSSL, which automatically falls back to the fabled bit-sliced AES implementation. Presumably you're going to have to add a check on boot to prevent pfSense from starting on non-AES-NI systems.
While it sounds well-intentioned, it seems pretty unnecessary. Users of Netgate hardware will use AES-NI regardless. Home users of the Community Edition might end up using software crypto, but those users are unlikely to use the cloud management functionality, which is, as far as I can tell, the only place where could plausibly be a problem. And even in those cases, those users would fall back to a bit-sliced AES implementation if they have a CPU that supports SSE3. And that's to say nothing of the difficult attack models necessary for cache timing attacks.
We talked about the importance of having AES-NI for a lot longer than last week (others have noticed it, just find many "rate my build" threads) and we gave a heads-up to everyone for over a year in advance because we know not every CPU has AES-NI.
-
We talked about the importance of having AES-NI for a lot longer than last week (others have noticed it, just find many "rate my build" threads) and we gave a heads-up to everyone for over a year in advance because we know not every CPU has AES-NI.
What do you expect is the natural hardware refresh cycle for a router in small business/SOHO/home environments?
-
We talked about the importance of having AES-NI for a lot longer than last week (others have noticed it, just find many "rate my build" threads) and we gave a heads-up to everyone for over a year in advance because we know not every CPU has AES-NI.
What do you expect is the natural hardware refresh cycle for a router in small business/SOHO/home environments?
I don't see how that question is relevant for this topic as well as to what I just told you. Let's not go into off-topic, please.
-
We talked about the importance of having AES-NI for a lot longer than last week (others have noticed it, just find many "rate my build" threads) and we gave a heads-up to everyone for over a year in advance because we know not every CPU has AES-NI.
What do you expect is the natural hardware refresh cycle for a router in small business/SOHO/home environments?
I don't see how that question is relevant for this topic as well as to what I just told you. Let's not go into off-topic, please.
It's absolutely relevant to whether one-year notice is sufficient. You're taking about a change that will go out of its way to break compatibility with systems that are only a few years old.
-
Dude just buy a new cpu in a couple years. You aren't going to change anyone's mind throwing a fit on the internet.
-
For systems that don't get refreshed very often, but are rather important to patch for security updates, one year doesn't seem all that long.
What do you expect is the natural hardware refresh cycle for a router in small business/SOHO/home environments?
"rather important" or SMB/SOHO/home - make up your mind. ;)
In a "rather important" install I don't care about a few hundred [currency], really. And I wouldn't buy stuff today that does not support the latest and greatest shit, including AES-NI. And I'd swap-out hardware every two years so I'm always covered with warranty (plus support contracts).
For SMB/SOHO/home it is totally sufficient to run 2.4.xyz until hardware dies or use-pattern changes. I can live without AES-NI or a possible downtime due to hardware failures there.