> - Will it supersede IPsec, in your opinion?

No.

It sounds like a “diet IKEv2.” It does key exchange and encapsulation over one port and is layer 3 only. [1] It might be a sufficient solution for a quick, simple VPN setup. If you want something more, there’s OpenIKED.

[1] https://www.wireguard.io/papers/wireguard.pdf

> On Jul 13, 2017, at 17:50, if...@airmail.cc wrote:
>
> Hi,
> I have recently read about WireGuard Protocol and it seems really
> interesting. Here's a description (from wireguard.io):
>
> ----------------------------------------------------------------
>
> "WireGuard is an extremely simple yet fast and modern VPN that
> utilizes state-of-the-art cryptography. It aims to be faster,
> simpler, leaner, and more useful than IPSec, while avoiding the
> massive headache." [It] "has been formally verified in the symbolic
> model using Tamarin. This means that there is a security proof of
> the WireGuard protocol. The protocol has been verified to possess
> the following security properties:
> * Correctness
> * Strong key agreement & authenticity
> * Key-compromise impersonation resistance
> * Key secrecy
> * Forward secrecy
> * Session uniqueness
> * Identity hiding"
>
> "It intends to be considerably more performant
> than OpenVPN" [and] "aims to be as easy to configure and deploy
> as SSH." [...] "WireGuard uses state-of-the-art cryptography, like
> the Noise protocol framework, Curve25519, ChaCha20, Poly1305,
> BLAKE2, SipHash24, HKDF, and secure trusted constructions." [...]
> "Compared to behemoths like *Swan/IPsec or OpenVPN/OpenSSL, in which
> auditing the gigantic codebases is an overwhelming task even for
> large teams of security experts, WireGuard is meant to be
> comprehensively reviewable by single individuals."
>
> ----------------------------------------------------------------
>
> So, my question is:
> - Will it supersede IPsec, in your opinion?
> - Why should someone use OpenIKED instead of WireGuard
>   (if it will be ported to OpenBSD)?
> - Is there any plan for a future implementation of the protocol,
>   using the best security practices of the OpenBSD team? I'm mainly
>   concerned about privsep here (pledge) and correctness. It doesn't
>   matter if the protocol has a formal verification if its
>   implementation is bad.
>
> Regards.
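As an added example (not part of this thread, and not WireGuard project code), the Python below illustrates the "key exchange and encapsulation over one port" point: it classifies UDP datagrams by the four message layouts given in the whitepaper cited as [1] (handshake initiation, handshake response, cookie reply, transport data), all of which arrive on the same port, so a single parser on that socket sees both the Noise handshake and the encapsulated traffic. The sample datagrams at the bottom are constructed from filler bytes (no real keys, MACs or ciphertext); only the plaintext header fields are decoded.

```python
"""Classify WireGuard UDP datagrams by message type.

Added illustration, not WireGuard project code. Field sizes and
little-endian indices follow the whitepaper [1]; encrypted fields are
returned as opaque bytes, nothing here is decrypted or verified.
"""
import struct
from collections import Counter

HANDSHAKE_INITIATION = 1
HANDSHAKE_RESPONSE = 2
COOKIE_REPLY = 3
TRANSPORT_DATA = 4

# Exact wire sizes of the fixed-length messages.
FIXED_SIZES = {
    HANDSHAKE_INITIATION: 148,  # hdr4 + sender4 + eph32 + static48 + ts28 + mac1 16 + mac2 16
    HANDSHAKE_RESPONSE: 92,     # hdr4 + sender4 + receiver4 + eph32 + empty16 + mac1 16 + mac2 16
    COOKIE_REPLY: 64,           # hdr4 + receiver4 + nonce24 + cookie32
}
TRANSPORT_HEADER = 16  # type(1) + reserved(3) + receiver(4) + counter(8)
AEAD_TAG = 16          # Poly1305 tag; a keepalive is header + tag only


def parse_wg_message(dgram: bytes) -> dict:
    """Return the message type and its plaintext header fields.

    Raises ValueError for anything that is not a well-formed message.
    """
    if len(dgram) < 4:
        raise ValueError("too short for a WireGuard header")
    mtype = dgram[0]
    if dgram[1:4] != b"\x00\x00\x00":
        raise ValueError("reserved bytes must be zero")
    if mtype in FIXED_SIZES and len(dgram) != FIXED_SIZES[mtype]:
        raise ValueError(f"type {mtype} must be {FIXED_SIZES[mtype]} bytes")

    if mtype == HANDSHAKE_INITIATION:
        (sender,) = struct.unpack_from("<I", dgram, 4)
        return {"type": "handshake_initiation", "sender": sender,
                "ephemeral": dgram[8:40], "encrypted_static": dgram[40:88],
                "encrypted_timestamp": dgram[88:116],
                "mac1": dgram[116:132], "mac2": dgram[132:148]}
    if mtype == HANDSHAKE_RESPONSE:
        sender, receiver = struct.unpack_from("<II", dgram, 4)
        return {"type": "handshake_response", "sender": sender,
                "receiver": receiver, "ephemeral": dgram[12:44],
                "encrypted_nothing": dgram[44:60],
                "mac1": dgram[60:76], "mac2": dgram[76:92]}
    if mtype == COOKIE_REPLY:
        (receiver,) = struct.unpack_from("<I", dgram, 4)
        return {"type": "cookie_reply", "receiver": receiver,
                "nonce": dgram[8:32], "encrypted_cookie": dgram[32:64]}
    if mtype == TRANSPORT_DATA:
        if len(dgram) < TRANSPORT_HEADER + AEAD_TAG:
            raise ValueError("transport message shorter than header + tag")
        receiver, counter = struct.unpack_from("<IQ", dgram, 4)
        return {"type": "transport_data", "receiver": receiver,
                "counter": counter, "ciphertext": dgram[16:],
                "keepalive": len(dgram) == TRANSPORT_HEADER + AEAD_TAG}
    raise ValueError(f"unknown message type {mtype}")


def is_valid(dgram: bytes) -> bool:
    """True if the datagram parses as some WireGuard message."""
    try:
        parse_wg_message(dgram)
        return True
    except ValueError:
        return False


def message_mix(dgrams) -> Counter:
    """Count message types seen on one port; malformed ones count as 'invalid'."""
    mix = Counter()
    for d in dgrams:
        mix[parse_wg_message(d)["type"] if is_valid(d) else "invalid"] += 1
    return mix


def _fill(n: int, seed: int) -> bytes:
    """Deterministic filler standing in for keys, MACs and ciphertext."""
    return bytes((seed + i) % 256 for i in range(n))


# Constructed sample datagrams (layout only; cryptographic content is filler).
SAMPLE_INITIATION = b"\x01\x00\x00\x00" + struct.pack("<I", 0x11223344) + _fill(140, 7)
SAMPLE_RESPONSE = b"\x02\x00\x00\x00" + struct.pack("<II", 0x55667788, 0x11223344) + _fill(80, 9)
SAMPLE_COOKIE = b"\x03\x00\x00\x00" + struct.pack("<I", 0x11223344) + _fill(56, 3)
SAMPLE_KEEPALIVE = b"\x04\x00\x00\x00" + struct.pack("<IQ", 0x55667788, 0) + _fill(16, 1)
SAMPLE_DATA = b"\x04\x00\x00\x00" + struct.pack("<IQ", 0x55667788, 1) + _fill(96, 5)
SAMPLE_BAD = b"\x01\x00\x01\x00" + _fill(144, 0)  # non-zero reserved byte

if __name__ == "__main__":
    print(message_mix([SAMPLE_INITIATION, SAMPLE_RESPONSE, SAMPLE_COOKIE,
                       SAMPLE_KEEPALIVE, SAMPLE_DATA, SAMPLE_BAD]))
```

The strict length checks matter in practice: the fixed-size handshake messages have no variable fields, so anything else on the port with those type bytes is either a different protocol or a probe, and a classifier that tolerated it would be easy to fool.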