Working only one way

Fredrik Strömberg stromberg at mullvad.net
Tue Apr 10 17:23:35 CEST 2018


Hi Luis,

On Tue, Apr 10, 2018 at 3:16 PM, Ing. Luis Felipe Domínguez Vega
<luis.dominguez at mtz.desoft.cu> wrote:
> 1 - Can I change the length (to 4096 bits for example) of private key? or is not neccesary, I am a little paranoic with this kind of security cipher.
>

No. WireGuard uses cryptographic primitives which are
state-of-the-art, with a large security margin. No options means
there's nothing for users to misconfigure, or any risk of so called
downgrading attacks.

Also note that the bit length you are asking for is normal for RSA,
but enormous for elliptic curve based primitives, which is what
WireGuard uses.

Cheers,
Fredrik


More information about the WireGuard mailing list