Hardening DC++ Cryptography: TLS, HTTPS, and KEYP

BEAST, CRIME, BREACH, and Lucky 13 together left DC++ with no secure TLS support. Since then, the triple handshake attack, Heartbleed, POODLE for both SSL 3 and TLS, FREAK, and Logjam have multiplied hazards.

Fortunately, in the intervening year and a half, in response:

  • poy introduces direct, encrypted private messages in DC++ 0.830.
  • DC++ 0.840 sees substantial, wide-ranging improvements in KEYP and HTTPS support from Crise, anticipating Google sunsetting SHA1 by several months and detecting man-in-the-middle attempts across both KEYP and HTTPS.
  • OpenSSL 1.0.1g, included in DC++ 0.842, fixes Heartbleed.
  • DC++ 0.850 avoids CRIME and BREACH by disabling TLS compression; avoids RC4 vulnerabilities by removing support for RC4; prevents BEAST by supporting TLS 1.1 and 1.2; mitigates Lucky 13 through preferring AES-GCM ciphersuites; removes support for increasingly factorable 512-bit and 1024-bit DH and RSA ephemeral TLS keys; and with all but one ciphersuite, AES128-SHA, deprecated and included for DC++ pre-0.850 compatibility, uses either DHE or ECDHE ciphersuites to provide perfect forward secrecy, mitigating any future Heartbleed-like vulnerabilities.
  • DC++ 0.851 uses a new OpenSSL 1.0.2 API to constrain allowed elliptic curves to those for which OpenSSL provides constant-time assembly code to avoid timing side-channel attacks.

These KEYP, TLS, and HTTPS improvements have not only fixed known weaknesses, but prevent DC++ 0.850 and 0.851 from ever having been vulnerable to either FREAK or Logjam. As with perfect forward secrecy, these changes increase DC++’s ongoing security against yet-unknown cryptographic developments.

The upcoming version switches URLs in documentation, in menu items, and of the GeoIP downloads from HTTP to HTTPS. While these changes do not and cannot prevent attacks perfectly, it should now provide users with improved and still-improving cryptographic security for the benefit of all DC++ users.

Donations for DCNF (April 2015)

A big thank you to the following people who donated to the PayPal account for DCNF (and DC++). Your money will be spent on server and domain upkeep. We will be looking for a way for donators to receive something back.

Valentin B.
R P H.
Åke S.
Patrick H.
Alan D.
eMTee
poy

The organization now has 293,04 Euros raised from member fees and the donators above.

Direct Connect Network Foundation

In January 2015, a non-profit organization was set up, called Direct Connect Network Foundation (DCNF). The organization aims to provide information and resources for developers and users of Direct Connect. The website dcbase.org was chosen to be the main site for the organization.

DCNF is an actual registered organization in Sweden, with government number 802492-9716. See also the by-laws, and the annual meeting notes.

To become a member, simply donate to the PayPal account and make a note in the forum.

I or the others on the board will periodically make a note here about anyone who donates to the organization.

DC++ 0.851

A new security & stability update of DC++ has been released today.

There are no user visible new features this time; besides the latest OpenSSL security fixes and hardening secure connection further by disallowing weak ciphersuites this DC++ version largely focuses on mitigating malicious situations where DC++ can be used for distributed denial of service (DDoS) attacks when beeing logged in to certain malevolent NMDC hubs.

Please note that most, if not all previous DC++ versions are affected of this problem therefore this release is highly recommended for everyone still using any older DC++ versions. Once all maintained NMDC hub software implements the mitigation for this problem it is highly probable that many existing hubs will require this DC++ release as the minimum version to use.

If no critical issues found, DC++ 0.851 should be marked as the new stable DC++ release within a short period of time.

For the complete list of changes in version 0.851, please explore the changelog.

DC++ 0.850

The first new DC++ release in the last nine months, version 0.850 fixes and hardens security related functions further notably to avoid all popular TLS exploits emerged since last April.

This release also contains stability and performance updates of various 3rd party libraries and improvements of the latest version of the compiler.

For complete list of fixes and upgraded libraries, please explore the changelog items and the linked bug discussions.

DC Development hub revived

Following a two-month-long hiatus, adcs://hub.dcbase.org:16591 hosts the DC development hub again.

DC++ 0.842

The first stable release of the 0.840 series of DC++ is out. Besides a few SSL encryption related and stability fixes this version largely focuses on implementing various features asked for or recommended by the user community through our feature tracker.

The changelog shows all the implemented new features and fixes.

DC++ 0.842 also provides protection against the infamous “Heartbleed” OpenSSL vulnerability. This security hole has existed in DC++ since version 0.799.

There’s a high chance of version 0.842 is the last mainstream DC++ release that supports Windows XP.  Due to the still large userbase of the already unsupported operating system, security and major stability fixes are possible for a few more months using a separate branch targeting XP only. The update reminder system is modified so in case of any forthcoming version targeting Vista and later being released, XP users won’t see the notification dialog anymore.

From that time on people running Windows XP will see the update nag dialog only if there’s an update targeting their old OS. However, starting with version 0.840 every XP user gets a special reminder at startup about the EOS of DC++ in their operating system.

Due to the nice new features and security fixes the upgrade is highly recommended.

Follow

Get every new post delivered to your Inbox.

Join 30 other followers