Tiny wireguard tweak

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

2 Citations (Scopus)


We show that a future adversary with access to a quantum computer, historic network traffic protected by WireGuard, and knowledge of a WireGuard user’s long-term static public key can likely decrypt many of the WireGuard user’s historic messages. We propose a simple, efficient alteration to the WireGuard protocol that mitigates this vulnerability, with negligible additional computational and memory costs. Our changes add zero additional bytes of data to the wire format of the WireGuard protocol. Our alteration provides transitional post-quantum security for any WireGuard user who does not publish their long-term static public key – it should be exchanged out-of-band.

Original languageEnglish
Title of host publicationProgress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings
EditorsAbderrahmane Nitaj, Tajjeeddine Rachidi, Johannes Buchmann
Place of PublicationCham
Number of pages18
ISBN (Electronic)978-3-030-23696-0
ISBN (Print)978-3-030-23695-3
Publication statusPublished - 1 Jan 2019
Event11th International Conference on the Theory and Applications of Cryptographic Techniques in Africa - Rabat, Morocco
Duration: 9 Jul 201911 Jul 2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11627 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference11th International Conference on the Theory and Applications of Cryptographic Techniques in Africa
Abbreviated titleAfricacrypt 2019


  • Mass surveillance
  • Network protocol
  • Post-quantum cryptography
  • Privacy
  • Security
  • VPN
  • WireGuard

Fingerprint Dive into the research topics of 'Tiny wireguard tweak'. Together they form a unique fingerprint.

Cite this