OpenWrt/LEDE Project

  • Status Researching
  • Percent Complete
    0%
  • Task Type Feature Request
  • Category Base system
  • Assigned To No-one
  • Operating System All
  • Severity Medium
  • Priority Very Low
  • Reported Version lede-17.01
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by Uqbar - 15.05.2017

FS#786 - Please add support for the ecdsa key type

At the moment the dropbear tool is compiled without the ecdsa key type support.
ECDSA (https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm) is considered better than RSA as it requires fewer key bits to gain the same security.

Baptiste Jonglez commented on 12.07.2017 10:40

You can compile dropbear with the DROPBEAR_ECC option in menuconfig if you want ECDSA support.

However, it adds 23 KB to the dropbear binary on MIPS, so this may be too much to enable it by default.

From package/network/services/dropbear/Config.in:

config DROPBEAR_ECC
        bool "Elliptic curve cryptography (ECC)"
        default n
        help
                Enables elliptic curve cryptography (ECC) support in key exchange and public key
                authentication.

                Key exchange algorithms:
                  ecdh-sha2-nistp256
                  ecdh-sha2-nistp384
                  ecdh-sha2-nistp521

                Public key algorithms:
                  ecdsa-sha2-nistp256
                  ecdsa-sha2-nistp384
                  ecdsa-sha2-nistp521

                Does not generate ECC host keys by default (ECC key exchange will not be used,
                only ECC public key auth).

                Increases binary size by about 23 kB (MIPS).
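As an added example (not from the tracker, the OpenWrt tree, or the dropbear project), here is a small POSIX shell check a packager can run after a build. It confirms that the Kconfig symbol above landed in the build `.config` as `CONFIG_DROPBEAR_ECC=y` (OpenWrt writes Kconfig symbols with a `CONFIG_` prefix) and that an ECDSA host key exists where dropbear expects it, because, as the help text says, enabling the option does not by itself generate an ECC host key, so without the key only ECC public key auth works and the ECDH key exchange methods stay unused. The `.config` path and key directory are parameters; `/etc/dropbear/dropbear_ecdsa_host_key` is dropbear's default ECDSA host key path, and `dropbearkey -t ecdsa -s 256` is the command that creates one.

```shell
#!/bin/sh
# Added example; not part of OpenWrt or dropbear. Assumes dropbear's default
# host key location under /etc/dropbear and an OpenWrt-style .config file.

dropbear_ecc_enabled() {
    # $1: path to the OpenWrt build .config
    # Returns 0 when the DROPBEAR_ECC symbol was selected in the build.
    grep -q '^CONFIG_DROPBEAR_ECC=y$' "$1"
}

ecdsa_host_key_present() {
    # $1: dropbear key directory (default /etc/dropbear)
    # Returns 0 when a non-empty ECDSA host key file exists.
    [ -s "${1:-/etc/dropbear}/dropbear_ecdsa_host_key" ]
}

dropbear_ecc_report() {
    # $1: build .config path; $2: key directory (default /etc/dropbear)
    # Exit status: 0 ready, 1 ECC compiled out, 2 ECC on but host key missing.
    config="$1"
    keydir="${2:-/etc/dropbear}"
    if ! dropbear_ecc_enabled "$config"; then
        echo "DROPBEAR_ECC is off: ecdsa-sha2-* public keys will be rejected"
        return 1
    fi
    if ecdsa_host_key_present "$keydir"; then
        echo "ECC enabled and ECDSA host key present; ECDH key exchange available"
        return 0
    fi
    echo "ECC enabled but no ECDSA host key (only ECC pubkey auth will work);"
    echo "create one with: dropbearkey -t ecdsa -s 256 -f $keydir/dropbear_ecdsa_host_key"
    return 2
}

# Stand-alone use: sh check.sh /path/to/.config [/etc/dropbear]
if [ "$#" -gt 0 ]; then
    dropbear_ecc_report "$@"
fi
```

The `.config` check belongs on the build host and the host key check on the device; copy the build `.config` alongside the script if you want the combined report on the router. The exit status lets a provisioning script refuse to ship an image that advertises ECC support but has no key to back the key exchange.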
Uqbar commented on 12.07.2017 10:45

I think that 23 KB is not overkill for *all* devices with 8+ MB flash.
We can discuss the 4 MB devices, but surely all other ones can accommodate those 48 disk blocks! For the sake of security.

Project Manager
Matthias Schiffer commented on 12.07.2017 11:20

I agree that 23K is too much to enable by default.

One option would be to create two dropbear package variants, so opkg can be used to install one or the other. Then we might also select the default variant for each image separately based on the flash size, but I don't really like that idea, because it would be a deliberate inconsistency between images of the same target.

Uqbar commented on 16.07.2017 20:26

Well, the current default LuCI theme "bootstrap" is rather large (55 kB) if compared to the original openwrt theme (20 kB).
The difference would be enough to accommodate the ECDSA support.

If I could vote, I would bring the "old theme" back in order to make room for better security by default.

This is just my opinion, but I am supporting it with some real numbers.

Mieszko Ślusarczyk commented on 08.12.2017 12:58

It would be very useful for me - I'm trying to switch to sekey which would let me store my key in a more secure way, and it only supports ecdsa keys.

Matthew commented on 29.01.2019 08:09

Uqbar's argument is quite strong. It's absurd that LuCI's new theme is more important than including the latest public key crypto. I switched to ed25519 a while ago, and have found it a little annoying keeping around a wrt-only RSA key.

However, it's recently come to my attention that ECC's strength lies only in key size and is actually weaker in a post quantum world than RSA. And we'll be living in a post quantum world sooner than any of us realize (possibly). I, personally, am switching back to RSA with largest supported key sizes.

I hope you've heard the rumors that certain entities have been keeping recordings of our handshakes for some time due to the potential utility of all that old data once anyone can run Shor's.

https://arxiv.org/abs/1706.06752

Even if Moore's law holds, that could still buy us an extra year.

matt

Admin
Jo-Philipp Wich commented on 29.01.2019 17:36

The size increase in dropbear after compression is ~12KB for x86. The size difference between luci-theme-bootstrap and luci-theme-openwrt after compression is ~1KB.

Uqbar commented on 01.02.2019 15:33

In my personal case (IPv4 only, mips_24kc), for example, I could remove:

  • kmod-usb-ledtrig-usbport (~ 3KB)
  • ip6tables+kmod-ip6tables (~ 7KB)
  • odhcp6c (~23KB)
  • odhcpd-ipv6only (~28KB)
  • libip6tc (~18KB)

which don't really give me anything useful.
Maybe we'd need a bare-bones OpenWrt (IPv4 + CLI only).

And I am not really sure about when the quantum world will be effective, though.
