Tiny wireguard tweak

Jacob R. Appelbaum; Chloe R. Martindale; Sinli Peter Wu

doi:10.1007/978-3-030-23696-0_1

Tiny wireguard tweak

Jacob R. Appelbaum, Chloe R. Martindale, Sinli Peter Wu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Abstract

We show that a future adversary with access to a quantum computer, historic network traffic protected by WireGuard, and knowledge of a WireGuard user’s long-term static public key can likely decrypt many of the WireGuard user’s historic messages. We propose a simple, efficient alteration to the WireGuard protocol that mitigates this vulnerability, with negligible additional computational and memory costs. Our changes add zero additional bytes of data to the wire format of the WireGuard protocol. Our alteration provides transitional post-quantum security for any WireGuard user who does not publish their long-term static public key – it should be exchanged out-of-band.

Original language	English
Title of host publication	Progress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings
Editors	Abderrahmane Nitaj, Tajjeeddine Rachidi, Johannes Buchmann
Place of Publication	Cham
Publisher	Springer
Pages	3-20
Number of pages	18
ISBN (Electronic)	978-3-030-23696-0
ISBN (Print)	978-3-030-23695-3
DOIs	https://doi.org/10.1007/978-3-030-23696-0_1
Publication status	Published - 1 Jan 2019
Event	11th International Conference on the Theory and Applications of Cryptographic Techniques in Africa - Rabat, Morocco Duration: 9 Jul 2019 → 11 Jul 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11627 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	11th International Conference on the Theory and Applications of Cryptographic Techniques in Africa
Abbreviated title	Africacrypt 2019
Country	Morocco
City	Rabat
Period	9/07/19 → 11/07/19

Fingerprint

Keywords

Mass surveillance
Network protocol
Post-quantum cryptography
Privacy
Security
VPN
WireGuard

Cite this

Appelbaum, J. R., Martindale, C. R., & Wu, S. P. (2019). Tiny wireguard tweak. In A. Nitaj, T. Rachidi, & J. Buchmann (Eds.), Progress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings (pp. 3-20). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11627 LNCS). Cham: Springer. https://doi.org/10.1007/978-3-030-23696-0_1

Appelbaum, Jacob R. ; Martindale, Chloe R. ; Wu, Sinli Peter. / Tiny wireguard tweak. Progress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings. editor / Abderrahmane Nitaj ; Tajjeeddine Rachidi ; Johannes Buchmann. Cham : Springer, 2019. pp. 3-20 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{a594e43d6d40483cb4e86ebf35e1bcbb,

title = "Tiny wireguard tweak",

abstract = "We show that a future adversary with access to a quantum computer, historic network traffic protected by WireGuard, and knowledge of a WireGuard user’s long-term static public key can likely decrypt many of the WireGuard user’s historic messages. We propose a simple, efficient alteration to the WireGuard protocol that mitigates this vulnerability, with negligible additional computational and memory costs. Our changes add zero additional bytes of data to the wire format of the WireGuard protocol. Our alteration provides transitional post-quantum security for any WireGuard user who does not publish their long-term static public key – it should be exchanged out-of-band.",

keywords = "Mass surveillance, Network protocol, Post-quantum cryptography, Privacy, Security, VPN, WireGuard",

author = "Appelbaum, {Jacob R.} and Martindale, {Chloe R.} and Wu, {Sinli Peter}",

year = "2019",

month = "1",

day = "1",

doi = "10.1007/978-3-030-23696-0_1",

language = "English",

isbn = "978-3-030-23695-3",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "3--20",

editor = "Abderrahmane Nitaj and Tajjeeddine Rachidi and Johannes Buchmann",

booktitle = "Progress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings",

address = "Germany",

}

Appelbaum, JR , Martindale, CR & Wu, SP 2019, Tiny wireguard tweak. in A Nitaj, T Rachidi & J Buchmann (eds), Progress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11627 LNCS, Springer, Cham, pp. 3-20, 11th International Conference on the Theory and Applications of Cryptographic Techniques in Africa, Rabat, Morocco, 9/07/19. https://doi.org/10.1007/978-3-030-23696-0_1

Tiny wireguard tweak. / Appelbaum, Jacob R.; Martindale, Chloe R.; Wu, Sinli Peter.

Progress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings. ed. / Abderrahmane Nitaj; Tajjeeddine Rachidi; Johannes Buchmann. Cham : Springer, 2019. p. 3-20 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11627 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Tiny wireguard tweak

AU - Appelbaum, Jacob R.

AU - Martindale, Chloe R.

AU - Wu, Sinli Peter

PY - 2019/1/1

Y1 - 2019/1/1

N2 - We show that a future adversary with access to a quantum computer, historic network traffic protected by WireGuard, and knowledge of a WireGuard user’s long-term static public key can likely decrypt many of the WireGuard user’s historic messages. We propose a simple, efficient alteration to the WireGuard protocol that mitigates this vulnerability, with negligible additional computational and memory costs. Our changes add zero additional bytes of data to the wire format of the WireGuard protocol. Our alteration provides transitional post-quantum security for any WireGuard user who does not publish their long-term static public key – it should be exchanged out-of-band.

AB - We show that a future adversary with access to a quantum computer, historic network traffic protected by WireGuard, and knowledge of a WireGuard user’s long-term static public key can likely decrypt many of the WireGuard user’s historic messages. We propose a simple, efficient alteration to the WireGuard protocol that mitigates this vulnerability, with negligible additional computational and memory costs. Our changes add zero additional bytes of data to the wire format of the WireGuard protocol. Our alteration provides transitional post-quantum security for any WireGuard user who does not publish their long-term static public key – it should be exchanged out-of-band.

KW - Mass surveillance

KW - Network protocol

KW - Post-quantum cryptography

KW - Privacy

KW - Security

KW - VPN

KW - WireGuard

UR - http://www.scopus.com/inward/record.url?scp=85069189104&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-23696-0_1

DO - 10.1007/978-3-030-23696-0_1

M3 - Conference contribution

AN - SCOPUS:85069189104

SN - 978-3-030-23695-3

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 3

EP - 20

BT - Progress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings

A2 - Nitaj, Abderrahmane

A2 - Rachidi, Tajjeeddine

A2 - Buchmann, Johannes

PB - Springer

CY - Cham

ER -

Appelbaum JR , Martindale CR, Wu SP. Tiny wireguard tweak. In Nitaj A, Rachidi T, Buchmann J, editors, Progress in Cryptology – AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Proceedings. Cham: Springer. 2019. p. 3-20. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-030-23696-0_1

Access to Document

10.1007/978-3-030-23696-0_1

Link to publication in Scopus