Rolling keys without service interuption

Jason A. Donenfeld Jason at
Sat Dec 2 14:31:42 CET 2017

Hi Ferris,

Firstly, WireGuard already has forward secrecy, which means every new
session (negotiated every 2 minutes) has fresh keys that are
forgotten, so old recorded traffic cannot be compromised.

It sounds like, however, you want to rotate the long term static
"identity" keys. This is possible to do gracefully. If you change the
private key of an interface, it won't actually be used until the next
handshake occurs, which means you can rollover gracefully. Likewise
you can add new peers (via public keys) dynamically at runtime. Moving
a distinct allowed IP from one peer to another is an atomic operation
as well.

Hope this helps!


More information about the WireGuard mailing list