Tiny WireGuard Tweak

Jacob Appelbaum, Chloe Martindale, Peter Wu

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)


We show that a future adversary with access to a quantum computer, historic network traffic protected by WireGuard, and knowledge of a WireGuard user's long-term static public key can likely decrypt many of the WireGuard user's historic messages. We propose a simple, efficient alteration to the WireGuard protocol that mitigates this vulnerability, with negligible additional computational and memory costs. Our changes add zero additional bytes of data to the wire format of the WireGuard protocol. Our alteration provides transitional post-quantum security for any WireGuard user who does not publish their long-term static public key -- it should be exchanged out-of-band.
Original languageEnglish
Title of host publicationProgress in Cryptology – AFRICACRYPT 2019
Publication statusE-pub ahead of print - 29 Jun 2019


Dive into the research topics of 'Tiny WireGuard Tweak'. Together they form a unique fingerprint.

Cite this