- Clavister InControl & Finetune, all versions
Why is the Netcon key only 512 bit long? Isn't that a bit low? Shouldn't it be possible to generate and use a longer key?
As described by the Clavister Security team:
The 512 bits of PSK you see is not an asymmetric key, which would indeed have been short for RSA operations. (Sidenote: however, elliptic curve asymmetric keys _are_ 256-512 bits!)
The PSK field contains 2 keys: 256 bits for symmetric encryption + 256 bits for MACing. That's excellent by any standard and will, as far as science understands, be secure even against Quantum computers when they arrive.
This is in stark contrast to ASYMMETRIC ciphers (ones using 2048-4096 bits), which will be ripped to pieces by the first Quantum computer to use 2048/4096 qubits. (Or was it the square root of 2048/4096?)
One may also want to note that separate session keys are negotiated in the per-connection handshake; the PSKs are never used for encrypting known plaintext, which makes direct brute force attacks on them even harder (beyond 2^256 operations).
Asymmetric cryptography is right in asymmetric situations. However, in firewall administration scenarios such as InControl, symmetric PSKs provide all necessary security without adding asymmetric cryptography and resultant vulnerabilities to the protocol. As an example, none of the NSA's recent public-key factoring progress has impacted the NetCon protocol - it cannot.