Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [wireguard]

WireGuard is a next generation VPN protocol, which lives in the Linux kernel, and uses state of the art cryptography.

WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it plans to be cross-platform and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.

6 questions
3
votes
1 answer

What is the purpose of the WireGuard handshake mac1 field?

The mac1 field in the WireGuard handshake messages is populated as: msg.mac1 := Mac(Hash(Label-Mac1 || Spub_m'), msgA) // first arg is MAC key Label-Mac1 is a constant, Spub_m' is the static public key of the peer, and msgA is the bytes of the…
undermountain
  • 41
  • 2
3
votes
1 answer

Digital Signatures with Curve25519 key-pair

I have a public/private key pair of Curve25519 keys used by Wireguard. How can I use this keypair to generate/verify digital signatures? Preferrably, I would like to use EdDSA/Ed25519 but I struggle to derive a Ed25519 keypair from the Curve25519…
Steffen Vogel
  • 33
  • 4
2
votes
1 answer

Encrypt text message with Wireguard public key

With its public and private key(s), Wireguard looks a bit like PGP. But it is used for encryption of network packets and not normal text messages. I'm on a system with Wireguard already installed and don't want to install more programs than…
wgquestions
  • 21
  • 1
2
votes
1 answer

Is the following crypto compatible so that I can use the same keys for both products (Wireguard & Libsodium)?

I am wondering if it is possible to use the public/private keys of two WireGuard peers also in another communication channel using libsodium? According to the WireGuard Protocol documentation and the WireGuard paper, they are using: Curve25519 for…
user3637203
  • 153
  • 3
2
votes
0 answers

Can you sign messages using Wireguard's keys?

I was wondering if I could use Wireguard's keys to sign messages, and prove authenticity of a node that runs Wireguard with its known public key from other nodes, so that I can use it in a system to prove something originated from a certain node and…
Alex
  • 121
  • 3
2
votes
1 answer

Why is static-static diffie hellman needed in Noise_IK?

TL;DR: Why is there a static-static diffie hellman in the Noise_IK handshake? Hi, I am currently trying to understand the WireGuard VPN protocol. As you may know, it uses the Noise_IK handshake from the Noise Protocol Framework. This handshake uses…
Henerii
  • 23
  • 2