Need for HW-clock independent timestamps

Roman Mamedov rm at romanrm.net
Thu May 17 07:03:25 CEST 2018


On Thu, 17 May 2018 12:40:55 +0900
Paul <paul at makrotopia.org> wrote:

> For me it looks like a problem solvable in software (as done for the 
> BMX routing protocol). Why even bother to get hardware involved?

Personally I am puzzled this is even an issue in WG. Not a single other VPN
protocol mandates every node to keep a monotonically increasing counter,
including even over reboots.

This has never been an issue in Tinc and OpenVPN at least, and if I'm not
mistaken neither in IPsec. And now suddenly we have people saying everyone now
has to buy and solder in some satellite-based hardware just to use a VPN.

Given this didn't even arise in other VPN solutions, surely there must be another
way to solve the "replay attack" issue, without requiring an RTC (or a
persistent counter)? Perhaps nobody has just thought long enough about finding
one, and given the project is in the early stages, just using the RTC (which
"everyone has") was chosen as a quick placeholder for now?

-- 
With respect,
Roman

