Cryptology ePrint Archive: Report 2019/482

Tiny WireGuard Tweak

Jacob Appelbaum and Chloe Martindale and Peter Wu

Abstract: We show that a future adversary with access to a quantum computer, historic network traffic protected by WireGuard, and knowledge of a WireGuard user's long-term static public key can likely decrypt many of the WireGuard user's historic messages. We propose a simple, efficient alteration to the WireGuard protocol that mitigates this vulnerability, with negligible additional computational and memory costs. Our changes add zero additional bytes of data to the wire format of the WireGuard protocol. Our alteration provides transitional post-quantum security for any WireGuard user who does not publish their long-term static public key -- it should be exchanged out-of-band.

Category / Keywords: cryptographic protocols / WireGuard, post-quantum cryptography, mass surveillance, network protocol, privacy, VPN, security

Original Publication (with minor differences): AFRICACRYPT 2019

Date: received 11 May 2019

Contact author: j appelbaum at tue nl,jacob@appelbaum net,chloemartindale@gmail com,peter@lekensteyn nl

Available format(s): PDF | BibTeX Citation

Version: 20190513:220009 (All versions of this report)

Short URL: ia.cr/2019/482


[ Cryptology ePrint archive ]