Post-quantum WireGuard

None, None; None, None; None, None; None, None; None, None

Post-quantum WireGuard

Conference Paper (2021)

Author(s)

Andreas Hulsing (Eindhoven University of Technology)

Kai Chun Ning (KPN)

Peter Schwabe (Radboud Universiteit Nijmegen, Max Planck Institute for Security and Privacy)

Florian Weber (Eindhoven University of Technology)

P.R. Zimmermann (TU Delft - Cyber Security, KPN)

Research Group

Cyber Security

DOI related publication

https://doi.org/10.1109/SP40001.2021.00030

To reference this document use:

https://resolver.tudelft.nl/uuid:22a5d304-6698-429d-8a63-f316aebe28e4

More Info

expand_more

Publication Year

2021

Language

English

Research Group

Cyber Security

Pages (from-to)

304-321

ISBN (print)

978-1-7281-8935-2

ISBN (electronic)

978-1-7281-8934-5

Abstract

In this paper we present PQ-WireGuard, a post-quantum variant of the handshake in the WireGuard VPN protocol (NDSS 2017). Unlike most previous work on post-quantum security for real-world protocols, this variant does not only consider post-quantum confidentiality (or forward secrecy) but also post-quantum authentication. To achieve this, we replace the Diffie-Hellman-based handshake by a more generic approach only using key-encapsulation mechanisms (KEMs). We establish security of PQ-WireGuard, adapting the security proofs for WireGuard in the symbolic model and in the standard model to our construction. We then instantiate this generic construction with concrete post-quantum secure KEMs, which we carefully select to achieve high security and speed. We demonstrate competitiveness of PQ-WireGuard presenting extensive bench-marking results comparing to widely deployed VPN solutions.

No files available

Metadata only record. There are no files for this record.