Do I need to worry about SHA1 with Strongswan VPNs?
Been reading lately that there has been a SHA1 collision found by researchers sometime last year. It's not yet a realistically practical attack vector, but should I be looking to move to SHA256/384/512 anytime soon? What might the security implications be of someone breaking the hash of a Strongswan VPN packet? To be able to fully read the packet, would they not have to break the AES128 ESP encryption as well?
Besides security, a reason I ask is because I have an Arch Linux router PC that has Strongswan site-to-site connections to a number of other standalone router/security appliance devices (Cisco ASA5505/5506, Ubiquiti EdgeRouter, etc.). Most of those devices support SHA-2 hashes, but enabling that on some of them causes throughput performance to nosedive, and I'd prefer not to have that happen...