<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 4/10/19 1:38 PM, Jakob Hirsch wrote:<br>
</div>
<blockquote type="cite"
cite="mid:cbe766ca-51fc-c12a-61c0-248ab20e0a9c@Message-ID.plonk.de">
<pre class="moz-quote-pre" wrap="">i.e., everything that contains only hex characters ([0-9a-f]+) will be
considered a a hex key? I really like that, but that's a breaking change
for people using a key that consists of hex chars (and don't keep
client/server version in sync).</pre>
</blockquote>
For a random alphanumeric key the probability of being hex is at
most:
<p>((10+6+6)/(10+26+26))^20 <span class="ILfuVd">≈</span> 10^(-9)</p>
<p>It's a little worse for uppercase-only or lowercase-only
alphanumeric keys:</p>
<p>((10+6)/(10+26))^20 <span class="ILfuVd">≈</span> 10^(-7)</p>
<p>We are still safe enough I suppose...</p>
<p>Using a key that was already a valid hexadecimal number and two
different versions of stunnel would indeed cause a problem. The
solution is to also update the older stunnel...</p>
<blockquote type="cite"
cite="mid:cbe766ca-51fc-c12a-61c0-248ab20e0a9c@Message-ID.plonk.de">
<pre class="moz-quote-pre" wrap="">This may sound stupid, as you vastly
limit your key space, but mitigated by simply doubling your key size.
Maybe not many people are using such keys (or PSK in general), though...</pre>
</blockquote>
<p>There is no difference in key size, as the effective key size is
the number of entropy bits, and not the number characters. The
number of entropy bits in 32 hexadecimal digits, and the number of
entropy bits in 16 bytes is actually identical (32*4 = 16*8).</p>
<blockquote type="cite"
cite="mid:cbe766ca-51fc-c12a-61c0-248ab20e0a9c@Message-ID.plonk.de">
<pre class="moz-quote-pre" wrap="">The good news is, that PSK connections now also work with TLSv1.3, so: Yay!</pre>
</blockquote>
<p>Thank you.</p>
<p>Best regards,<br>
Mike</p>
</body>
</html>