
Wireguard + post-quantum cryptography

privacy

This topic is locked
27 replies to this topic

#21 bkyq (Newbie, 5 posts)

Posted 03 December 2018 - 09:29 PM

Please read this

Whilst Wireguard itself may be around 4000 LoC, it still adds a bunch of crypto which will need a thorough in-depth review. You seem to be another simpleton who's jumped on the "omg Torvalds finds it fantastic we must deploy it today" bandwagon. He may *like* the code, but there's much more to it than that.

In comparison, OpenVPN has 100k lines + 500k lines of OpenSSL, or StrongSwan, which is 400k lines + XFRM (IPSec) at 13k lines. Even with the crypto code attached it's still tiny. OpenVPN is overwhelmingly complex, with large attack surfaces, using mostly cryptographic designs from the 90's. I do hope the 'simpleton' comment made you feel better, though. I'm sure you need it. :)



#22 bkyq (Newbie, 5 posts)

Posted 03 December 2018 - 10:06 PM

We know that current Wireguard release is experimental and the protocol is subject to change, as reported by Wireguard programmers in the home page

They say it's not to be considered secure yet because it's still not in the MLK. If you followed the WireGuard mailing list you'd know Jason states the 'not to be considered production ready' is an ass covering statement and actually WireGuard is fine.

At the moment it is totally unusable in our infrastructure because it lacks TCP support

TunSafe adds support for WireGuard over TCP. https://github.com/TunSafe/TunSafe/blob/master/docs/WireGuard%20TCP.txt

Honestly I think this is the crux of the issue. Your infrastructure isn't compatible in its current state, so it's a good business decision not to include it. There's absolutely nothing wrong with that; I still love Air. You're exceptional at what you do. But all the other FUD is unnecessary.



#23 Staff (Advanced Member, 7859 posts)

Posted 04 December 2018 - 11:14 AM

In comparison, OpenVPN has 100k lines + 500k lines of OpenSSL, or StrongSwan, which is 400k lines + XFRM (IPSec) at 13k lines. Even with the crypto code attached it's still tiny. OpenVPN is overwhelmingly complex, with large attack surfaces, using mostly cryptographic designs from the 90's. I do hope the 'simpleton' comment made you feel better, though. I'm sure you need it. :)

Hello,

you don't need to link OpenVPN against OpenSSL. For example in Android we link it against mbedTLS.

Kind regards



#24 Staff (Advanced Member, 7859 posts)

Posted 04 December 2018 - 12:05 PM

https://github.com/TunSafe/TunSafe/blob/master/docs/WireGuard TCP.txt

Honestly I think this is the crux of the issue. Your infrastructure isn't compatible in its current state, so it's a good business decision not to include it. There's absolutely nothing wrong with that; I still love Air. You're exceptional at what you do. But all the other FUD is unnecessary.

Hello!

it looks like you still miss the point. Wireguard, in its current state, not only is dangerous because it lacks basic features and is an experimental software, but it also weakens dangerously the anonymity layer. Our service aims to provide some anonymity layer, therefore we can't take into consideration something that weakens it so deeply.

We will gladly take Wireguard into consideration when it reaches a stable release AND offers at least the most basic options which OpenVPN has been able to offer since 15 years ago. The infrastructure can be adapted, our mission can't.

We provided a list of missing features causing real, objective security flaws in Wireguard (when meant to provide specific features). We will expand them here below since it looks like you missed the huge implications of the mentioned issues.

If you followed the WireGuard mailing list you'd know Jason states the 'not to be considered production ready' is an ass covering statement and actually WireGuard is fine.

It's not a matter to "cover their asses" as you say.

First, it's a matter of security. If you followed some basic IT security principle, you would know how wrong and dangerous a claim like the one quoted here above is. If you are really in the position to certify that "Wireguard is fine", then do it officially. If you can't do it officially, your words must be considered irrelevant, because they go against the claims of the very Wireguard developers themselves.

Second, it is a matter of lacking features that are essential for any service which aims to provide a decent layer of anonymity.

Wireguard, in its current state, does not meet our requirements. Here below, once again, some points which need to be considered and addressed:

  • Wireguard lacks dynamic IP address management. The client needs to be assigned in advance a pre-defined VPN IP address uniquely linked to its key on each VPN server. The impact on the anonymity layer is catastrophic;
  • Wireguard client does not verify the server identity (a feature so essential that it will be surely implemented when Wireguard will be no more an experimental software); the impact on security caused by this flaw is very high;
  • TCP support is missing (third party or anyway additional code is required to use TCP as the tunneling protocol, as you suggest, and that's a problematic regression when compared to OpenVPN);
  • there is no support to connect Wireguard to a VPN server over some proxy with a variety of authentication methods.

Kind regards



#25 discov (Newbie, 6 posts)

Posted 04 December 2018 - 12:55 PM

With due respect to all tech savvy folks in our forum, I have a few comments. I subscribe to IVPN in addition to Air. Recently, IVPN started providing wireguard servers (10 servers) in multiple platforms (Windows not yet available). To my knowledge, they are providing this option after Mullvad and Azirevpn. I have also seen that vpn.ac and Torguard are planning to bring some wireguard servers, but the timeline is not known. IVPN clearly indicated "WireGuard is a new VPN protocol that promises better security and faster speeds compared to existing solutions like OpenVPN or IPSec. Please be aware that this protocol is still in development and we only recommend using it for testing purposes and in situations where security is not critical."



#26 5YmkoLQZ (Advanced Member, 215 posts)

Posted 04 December 2018 - 01:22 PM

With due respect to all tech savvy folks in our forum, I have a few comments. I subscribe to IVPN in addition to Air. Recently, IVPN started providing wireguard servers (10 servers) in multiple platforms (Windows not yet available). To my knowledge, they are providing this option after Mullvad and Azirevpn. I have also seen that vpn.ac and Torguard are planning to bring some wireguard servers, but the timeline is not known. IVPN clearly indicated "WireGuard is a new VPN protocol that promises better security and faster speeds compared to existing solutions like OpenVPN or IPSec. Please be aware that this protocol is still in development and we only recommend using it for testing purposes and in situations where security is not critical."

Well, now we have a list of VPNs never to trust, and I'd consider them compromised for daring to deploy software that has not had the scrutiny OpenVPN has over the last 20 years. Sure, WG is less LoC, but really, who cares? What we care about first and foremost is how secure the software is.

It's a matter of who you trust: Staff have outlined a number of points about the weaknesses in the protocol and how it's basically not ready for deployment, yet certain providers do it anyway? If that's how they operate their business (deploy shiny new thing without due care) then maybe it's worth reconsidering just how seriously they take your security.

I'd cancel Air if they dared deploy Wireguard for many years before it's actually ready and fully tested. The other big name provider (PIA) has also not deployed Wireguard, which is the only and correct course of action.

This thread should be locked, the discussion is meaningless; Wireguard isn't touching Air for a long time to come.



#27 5YmkoLQZ (Advanced Member, 215 posts)

Posted 04 December 2018 - 01:31 PM

Please read this

Whilst Wireguard itself may be around 4000 LoC, it still adds a bunch of crypto which will need a thorough in-depth review. You seem to be another simpleton who's jumped on the "omg Torvalds finds it fantastic we must deploy it today" bandwagon. He may *like* the code, but there's much more to it than that.

In comparison, OpenVPN has 100k lines + 500k lines of OpenSSL, or StrongSwan, which is 400k lines + XFRM (IPSec) at 13k lines. Even with the crypto code attached it's still tiny. OpenVPN is overwhelmingly complex, with large attack surfaces, using mostly cryptographic designs from the 90's. I do hope the 'simpleton' comment made you feel better, though. I'm sure you need it. :)

So let's get this right. You'd rather trust something unproven, untested, without any real world use cases to speak of against something that's been developed over the last 20 years? Without the little bug fixes here and there, or the casual security issue that gets patched over time?

Who's to say what starts as 4k/20k LoC won't spiral into 100k also within the next 20 years? As if that's a metric we can actually use to judge how secure something is. I'm guessing there must be a fixed integer where a single LoC over makes it 'insecure' by default.

OpenVPN is trusted, proven technology. You claim it has a 'large attack surface' but you haven't substantiated those claims.

18 years later and this blog post still holds true today, I suggest reading it and understanding newer isn't always better.

"When you throw away code and start from scratch, you are throwing away all that knowledge. All those collected bug fixes. Years of programming work." - Someone actually sensible, circa 2000.



#28 Moat (Member, 23 posts)

Posted 08 December 2018 - 08:14 PM

I'm not a tech user, but I search in trying to understand. I read, and wished I had copied the URLs, on various blogs that:

- wireguard lists IP addresses of users on the server in the clear while connected; one of the current providers claimed to have asked Jason to code soft to counter that apparently.

- wireguard needs logs on the server linking IP to user credentials, permanently, for it to work. Err, how do you do no logs on that? This could be solved by client software registering credentials anew every time a connection establishes, and allow for this to only be of temporary nature (while the connection lasts). But, that requires a client soft and adaptation to the server, so I read.

- wireguard does not allow any random server selection; credentials are server specific.

Credentials could be the same for all servers, imagine service providers like avpn assigning some 15000 IP addresses, one to each individual user, and then telling each of their servers IP X is user Y. Alternatively pre-allocate 15000 IPs each on 90 servers, do the match ... and do it dynamically between soft and server while the thing originally is not programmed to do that ...

No thanks.

I did try wireguard, and have to say on low level routers where openvpn gives lousy performance wireguard maxed out the connection speed and improved the connection stability, even when compared to no tunnel. That makes it very alluring; the rest is stay away from it.


_____________________________________

A moat does not protect against pigeons!
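
The static key-to-address binding that Staff's first bullet (#24) and Moat's second and third points (#28) describe, shown as an added illustration that is not from the thread: a minimal WireGuard server configuration in which every client public key must be registered in advance against one fixed tunnel address, and this table has to exist on each server the client may use. Keys and addresses are constructed placeholders.

```ini
# Added example (not from the thread): WireGuard server config, wg-quick style.
# Placeholder keys; the 10.7.0.0/24 range is constructed for illustration.
[Interface]
Address = 10.7.0.1/24
ListenPort = 51820
PrivateKey = <server-private-key-placeholder>

# Each client is a [Peer] entry. Its public key is its only identity, and
# AllowedIPs pins that identity to one tunnel address. The server will only
# route traffic for that key from/to exactly this address, so the same
# key-to-address row must be provisioned on every server in advance.
[Peer]
PublicKey = <client-A-public-key-placeholder>
AllowedIPs = 10.7.0.2/32

[Peer]
PublicKey = <client-B-public-key-placeholder>
AllowedIPs = 10.7.0.3/32
```

For contrast, an OpenVPN server using the `server 10.8.0.0 255.255.255.0` directive hands out addresses from a pool at connect time rather than fixing one per client identity in the configuration.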





