Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 12 Jul 2016 12:36:29 +0300
From:      Andrey Chernov <ache@freebsd.org>
To:        Kevin Oberman <rkoberman@gmail.com>
Cc:        Slawa Olhovchenkov <slw@zxy.spb.ru>, Jung-uk Kim <jkim@freebsd.org>, freebsd-security@freebsd.org, FreeBSD Current <freebsd-current@freebsd.org>
Subject:   Re: GOST in OPENSSL_BASE
Message-ID:  <9ef020b8-077c-b7a7-bfa5-ddb51f85e632@freebsd.org>
In-Reply-To: <673ea9f5-e5e5-91e0-5bd1-2119c2f7b493@freebsd.org>
References:  <20160710133019.GD20831@zxy.spb.ru> <f35c1806-c06d-0d46-1c8a-58a56adef9a7@freebsd.org> <a4f0585d-cc99-e44a-7f59-0dd23e3c969f@FreeBSD.org> <20160711184122.GP46309@zxy.spb.ru> <98f27660-47ff-d212-8c50-9e6e1cd52e0b@freebsd.org> <c0bb5ae3-fee6-d40c-86bd-988c843d757b@freebsd.org> <CAN6yY1sOrL42ssbfGUKz8%2BaY0VvKPDHPx2S0ZRNpmmgdB0V8Tg@mail.gmail.com> <673ea9f5-e5e5-91e0-5bd1-2119c2f7b493@freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 12.07.2016 12:16, Andrey Chernov wrote:
> On 12.07.2016 8:48, Kevin Oberman wrote:
>>     >> May be need file PR for dns/bind910?
>>     >>
>>     >> # grep -3 BROK /poudriere/ports/default/dns/bind910/Makefile
>>     >> .include <bsd.port.pre.mk <http://bsd.port.pre.mk>>;
>>     >>
>>     >> .if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) &&
>>     ${SSL_DEFAULT} == base
>>     >> BROKEN= OpenSSL from the base system does not support GOST, add \
>>     >>         DEFAULT_VERSIONS+=ssl=openssl to your /etc/make.conf and
>>     rebuild everything \
>>     >>         that needs SSL.
>>     >> .endif
>>     >>
>>     >
>>     > I dislike idea to use GOST in the bind, it is unneeded there, DNSSEC
>>     > don't use GOST, so I vote for removing GOST option from there.
>>     >
>>
>>     I need to note that RFC exists, proposing GOST (old version) for DNSSEC:
>>     https://tools.ietf.org/html/rfc5933
>>     but nobody really use it.
>>
>> In case people are not aware of it, Russian law now requires ALL
>> encrypted traffic must either be accessible by the FSB or that the
>> private keys must be available to the FSB. 
> 
> It is not quite so. All traffic must be available for 6 months and they
> express intention to ask big companies for their private keys, but later
> is not required by the law (not yet...)
> 
>> I have always assumed that
>> GOST has a hidden vulnerability/backdoor that the FSB is already using,
> 
> I already answer this question elsewhere in this thread with the reference.
> 
>> but this makes it mandatory. Putin gave the FSB 2 weeks to implement the
>> law, which is clearly impossible, but I suspect that there will be a
>> huge effort to pick all low-hanging fruit. As a result, I suspect no one
>> outside of Russia will touch GOST. (Not that they do now, either.) I'd
>> hate to see its support required for any protocol except in Russia as
>> someone will be silly enough to use it.
> 
> I already explain required GOST usage pattern in this thread.
> 

Ah, I see, freebsd-current list was excluded by someone, so I repeat
what I wrote:

Official documents workflow here require using GOST signatures for
authenticity and consistency verification, they are needed or, in some
cases, required for both people and companies. Since it is official in
any case, there is no harm to have FSB backdoor in the algo, unless some
hacker will find it. Just don't use GOST for something else to stay on
safe side.

BTW, latest GOST based on elliptic curves, so from math point of view
probability of having backdoor here is minimal. I don't examine its
implementation.
See
https://ru.wikipedia.org/wiki/%D0%93%D0%9E%D0%A1%D0%A2_%D0%A0_34.10-2012
You can consider GOST goals are the same as FIPS ones with the reason to
have things "domestically produced".




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9ef020b8-077c-b7a7-bfa5-ddb51f85e632>