(no subject)

I just finished taking Cisco's Secure Virtual Private Networks class, which is mostly about their 3000-series VPN concentrators. While the instructor seemed to know the material, I can't really say the same about the people who actually wrote the course. According to them:

• "Network Associates PGP" is a CA for your X.509 certificates.
• 3DES "effectively doubles encryption strength over 56-bit DES."
• 768 bit RSA key size "provides sufficient security."
• It's perfectly fine to use DES to encrypt your sensitive traffic.

Now, the last two are rather—erm—strange. Especially since the operational doctrine says:

Diffie-Hellman group – used for computing the encryption key (choices: #1 (768 bit modulus), #2 (1024 bit modulus), #5 (1536 bit modulus), group #5 should be used where possible, otherwise use group #2

(i.e., never use a 768-bit modulus),

Cisco suggests a minimum modulus size [for an RSA key pair] of 1024 bits.

and

Unless you have a very sound reason to use DES, (e.g. 3DES doesn’t provide the needed performance) always use 3DES. The DES algorithm is not acceptable, however, to protect information between two peers over a hostile, unprotected network (e.g. the Internet), so use 3DES for such cases.

(The router security config guide was last modified in December 2003, but that's still recent enough that I wonder why it doesn't cover AES; the Cisco VPN concentrators do support 128- and 256-bit AES encryption in software and hardware.)

On the bright side, somebody who uses the lowest-level encryption as in the course will probably also do something even stupider, such as putting a preconfigured VPN client binary on their public web page and not requiring user authentication to connect to the concentrator (fellow attendee's previous job), or spending millions of pounds on a financial industry project without having a penetration testing team or a chief security officer (BTDTBTTS and I really wish I had been able to watch the Hong Kong Monetary Authority ream them a new one).