Paper 2020/379
Post-quantum WireGuard
, Eindhoven University of TechnologyAbstract
In this paper we present PQ-WireGuard, a post-quantum variant of the handshake in the WireGuard VPN protocol (NDSS 2017). Unlike most previous work on post-quantum security for real-world protocols, this variant does not only consider post-quantum confidentiality (or forward secrecy) but also post-quantum authentication. To achieve this, we replace the Diffie-Hellman-based handshake by a more generic approach only using key-encapsulation mechanisms (KEMs). We establish security of PQ-WireGuard, adapting the security proofs for WireGuard in the symbolic model and in the standard model to our construction. We then instantiate this generic construction with concrete post-quantum secure KEMs, which we carefully select to achieve high security and speed. We demonstrate competitiveness of PQ-WireGuard presenting extensive benchmarking results comparing to widely deployed VPN solutions.
Note: Author list in alphabetical order, see: https://www.ams.org/profession/leaders/culture/CultureStatement04.pdf
Metadata
- Available format(s)
-
PDF
- Category
- Applications
- Publication info
- Published elsewhere. Major revision. IEEE S&P 2021
- Keywords
- VPNpost-quantum cryptographyNIST PQCMcElieceSaber
- Contact author(s)
-
andreas @ huelsing net
kaichun ning @ kpn com
peter @ cryptojedi org
crypto @ fionajw de
prz @ mit edu - History
- 2023-09-25: last of 4 revisions
- 2020-04-03: received
- See all versions
- Short URL
- https://ia.cr/2020/379
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/379,
author = {Andreas Hülsing and Kai-Chun Ning and Peter Schwabe and Fiona Johanna Weber and Philip R. Zimmermann},
title = {Post-quantum {WireGuard}},
howpublished = {Cryptology {ePrint} Archive, Paper 2020/379},
year = {2020},
url = {https://eprint.iacr.org/2020/379}
}
