potential preshared-key changes

crasm at wireguard.1.email.vczf.io crasm at wireguard.1.email.vczf.io
Sun Apr 23 21:05:49 CEST 2017

On Sun, Apr 23, 2017, at 06:49 AM, Fredrik Strömberg wrote:
> [...]
> Furthermore, consider that the IP addresses of the peers will most
> likely be available to the attacker.
> [...]
> 2. The attacker gains an advantage by knowing S(pub,i) which is not
> gained by already available metadata (such as the IP addresses)

At least in my case, my IP addresses are pretty closely linked to my
identity. I don't change my VPSs as often as I should and I'm fairly
sure my residential IP is the same as it was months ago.

But isn't the public key of the initiator sure proof of identity if the
handshake is completed? An IP address would only be circumstantial and
would require extra information, like a log/account request to the ISP,
before they'd know with certainty.

In the context of a public VPN and per-user PSKs, a user's usage can be
tracked by a global adversary even if they hop networks. And their
location or movement can also be estimated. I believe interface PSKs
could prevent that if every user was trusted (private VPN?), but that
seems impossible for a public service, since someone malicious could
simply sign up for the service to get the PSK.

On Sun, Apr 23, 2017, at 07:13 AM, Fredrik Strömberg wrote:
> Hi! :)


> In practice this is equivalent to the discussed change, and "Peer PSK"
> would be the real key, for that peer.

Ah, so that would be an implementation detail for how the keys are

More information about the WireGuard mailing list