Future changes in crypto algorithms

Matthias Urlichs matthias at urlichs.de
Fri Jun 22 06:44:34 CEST 2018

On 18.06.2018 14:08, Vivien Malerba wrote:
> However, for any organization which will use WireGuard, even if admins
> are very effective at applying updates, updating all the endpoint
> systems simultaneously is not realistic. At the same time, it may be
> the case that the organization can't afford the downtime, in which
> case using WireGuard will simply not be an option, which is too bad.

Fixing any crypto weakness will require kernel updates and configuration
changes. A very easy config change, compared to all the other work you'd
have to do if a flaw is discovered that forces a different crypto
algorithm, is "use a second WG instance with a different UDP port".

A script that monitors connections to the new WG instance and
auto-disables the associated peer keys in the old instance is easy
enough to write.

Problem solved, no downgrade attack possible.

-- Matthias Urlichs

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20180622/a06b4232/attachment.html>

More information about the WireGuard mailing list