Post-quantum WireGuard [article]

Andreas Hülsing, Kai-Chun Ning, Peter Schwabe, Florian Weber, Ralf Zimmermann
2020 IACR Cryptology ePrint Archive  
In this paper we present PQ-WireGuard, a postquantum variant of the handshake in the WireGuard VPN protocol (NDSS 2017). Unlike most previous work on postquantum security for real-world protocols, this variant does not only consider post-quantum confidentiality (or forward secrecy) but also post-quantum authentication. To achieve this, we replace the Diffie-Hellman-based handshake by a more generic approach only using key-encapsulation mechanisms (KEMs). We establish security of PQ-WireGuard,
more » ... apting the security proofs for WireGuard in the symbolic model and in the standard model to our construction. We then instantiate this generic construction with concrete post-quantum secure KEMs, which we carefully select to achieve high security and speed. We demonstrate competitiveness of PQ-WireGuard presenting extensive benchmarking results comparing to widely deployed VPN solutions.
dblp:journals/iacr/HulsingNSWZ20 fatcat:fqn7ojrkxra3jltce7v5sgpm74