Scheduled OpenVPN Key Refresh
-
Hi,
First of all for the math guys out there, this may sound like a huge waste of time, but based on all of the commotion over at Slashdot for example, http://yro.slashdot.org/story/13/09/05/1951204/nsa-foils-much-internet-encryption, I am thinking about automating let's say, Nightly… new key generation for OpenVPN between sites on pfSense. Let's say, shared keys for now.
What the hell for?...
Just for fun of course. I was told once by someone that the NSA changes their own keys every 15 minutes and thought that the concept could be a fun exercise.
So, with that said. Is anyone interested in a package like this?
-
Its a good idea… Would be great if the keys changed constantly and if the last key used would be the only key accepted for the beginning for the next session also. I guess... :-\
I'm guessing you would be using blowfish? I'm guessing.... I'd never suggest not to use AES...
AES is NSA approved after all, so it must be awesomely unbreakable?