Preshared Key Rework Coming Soon
stromberg at mullvad.net
Thu May 11 23:25:14 CEST 2017
Great to hear. Thank you all for your hard work.
On Thu, May 11, 2017 at 10:32 PM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> Hey lazylist,
> Since the last discussion of preshared key mode in WireGuard, we've
> made some substantial progress. Trevor and I have been working out the
> cryptodetails , and Kevin and I have been tweaking our formal
> verification model. Everything is coming together quite nicely on that
> For those who are just catching up on this discussion, the gist is
> that the PresharedKey attribute is moving from being part of the
> Interface to part of the Peer. This will enable PSKs to be a pair-wise
> value, rather than having an Interface use one PSK for all its peers,
> a significant security improvement.
> I've written up the changes in the whitepaper  and the protocol doc
> . I've implemented it in the latest git master, though probably you
> should wait for the next snapshot to try it out. I'm now in the
> progress of writing  patches  for various  WireGuard
> integrations, so that when I release the next snapshot, things can
> transition over smoothly, in addition to various Noise libraries .
> If all goes well, the Noise changes will be out on Tuesday, and the
> snapshot should happen minutes after that.
> Let me know if there are any questions.
>  https://moderncrypto.org/mail-archive/noise/2017/001006.html
>  https://www.wireguard.io/papers/wireguard.pdf
>  https://www.wireguard.io/protocol/
>  https://github.com/openwrt/packages/pull/4341/files#diff-4fe54b567672346a15da55f1c6af8c9a
>  https://github.com/openwrt/luci/pull/1160/files
>  https://github.com/NixOS/nixpkgs/pull/25646/files#diff-110379e7db2311e8bef5a02392ac1495
>  https://github.com/flynn/noise/pull/11/files
> WireGuard mailing list
> WireGuard at lists.zx2c4.com
More information about the WireGuard