As stated in the previous recipe, OpenVPN uses two symmetric keys when setting up a point-to-point connection. However, it is also possible to use shared, yet asymmetric keys in point-to-point mode. OpenVPN will use four keys in this case:
A Cipher key on the client side
An HMAC key on the client side
A Cipher key on the server side
An HMAC key on the server side
The same keying material is shared by both sides of the point-to-point connection but those keys that are derived for encrypting and signing the data are different for each side. This recipe explains how to set up OpenVPN in this manner and how the keys can be made visible.
For this recipe, we use the secret.key file from the previous recipe. Install OpenVPN 2.0 or higher on two computers. Make sure that the computers are connected over a network. For this recipe, the server computer was running CentOS 5 Linux and OpenVPN 2.1.1. The client was running Windows XP SP3 and OpenVPN 2.1.1.
We launch the server (listening) side OpenVPN process with an extra option to the
--secretparameter and with more verbose logging:[root@server]# openvpn \ --ifconfig 10.200.0.1 10.200.0.2 \ --dev tun --secret secret.key 0 \ --verb 7
Then we launch the client-side OpenVPN process:
[WinClient] C:\>"\Program Files\OpenVPN\bin\openvpn.exe" \ --ifconfig 10.200.0.2 10.200.0.1 \ --dev tun --secret secret.key 1\ --remote openvpnserver \ --verb 7
The connection will be established with a lot of debugging messages.
If we look through the server-side messages (searching for
crypt), we can find the negotiated keys on the server side. Note that the output has been reformatted for clarity:… Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key … Static Encrypt: CIPHER KEY: 80797ddc 547fbdef 79eb353f 2a1f3d1f … Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication … Static Encrypt: HMAC KEY: c752f254 cc4ac230 83bd8daf 6141e73d 844764d8 … Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key … Static Decrypt: CIPHER KEY: 8cf9abdd 371392b1 14b51523 25302c99 … Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication … Static Decrypt: HMAC KEY: 39e06d8e 20c0d3c6 0f63b3e7 d94f35af bd744b27
On the client side, we will find the same keys but the 'Encrypt' and 'Decrypt' keys have been reversed:
… Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key … Static Encrypt: CIPHER KEY: 8cf9abdd 371392b1 14b51523 25302c99 … Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication … Static Encrypt: HMAC KEY: 39e06d8e 20c0d3c6 0f63b3e7 d94f35af bd744b27 … Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key … Static Decrypt: CIPHER KEY: 80797ddc 547fbdef 79eb353f 2a1f3d1f … Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication … Static Decrypt: HMAC KEY: c752f254 cc4ac230 83bd8daf 6141e73d 844764d8
If you look at the keys carefully, you can see that each one of them is mirrored on the client and the server side.
OpenVPN derives all keys from the static.key file, provided that there is enough entropy (randomness) in the file to reliably generate four keys. All keys generated using the following will have enough entropy:
$ openvpn –-genkey –-secret secret.key
An OpenVPN static key file is 2048 bits in size. The Cipher keys are each 128 bits, whereas the HMAC keys are 160 bits each, for a total of 776 bits. This allows OpenVPN to easily generate four random keys from the static key file, even if a cipher is chosen that requires a larger initialization key.
The same secret key files are used in a client/server setup when the following parameter is used: tls-auth ta.key.
Chapter 2's recipe, Setting up the public and private keys, in which the
tls-authkey is generated in a very similar manner.