Post-quantum WireGuard

Andreas Hulsing, Kai Chun Ning, Peter Schwabe, Florian Weber, Philip R. Zimmermann

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

2 Citations (Scopus)


In this paper we present PQ-WireGuard, a post-quantum variant of the handshake in the WireGuard VPN protocol (NDSS 2017). Unlike most previous work on post-quantum security for real-world protocols, this variant does not only consider post-quantum confidentiality (or forward secrecy) but also post-quantum authentication. To achieve this, we replace the Diffie-Hellman-based handshake by a more generic approach only using key-encapsulation mechanisms (KEMs). We establish security of PQ-WireGuard, adapting the security proofs for WireGuard in the symbolic model and in the standard model to our construction. We then instantiate this generic construction with concrete post-quantum secure KEMs, which we carefully select to achieve high security and speed. We demonstrate competitiveness of PQ-WireGuard presenting extensive bench-marking results comparing to widely deployed VPN solutions.

Original languageEnglish
Title of host publication2021 IEEE Symposium on Security and Privacy (SP)
Subtitle of host publicationProceedings
EditorsL. O'Conner
Place of PublicationPiscataway
Number of pages18
ISBN (Electronic)978-1-7281-8934-5
ISBN (Print)978-1-7281-8935-2
Publication statusPublished - 2021
Event42nd IEEE Symposium on Security and Privacy, SP 2021 - Virtual, San Francisco, United States
Duration: 24 May 202127 May 2021


Conference42nd IEEE Symposium on Security and Privacy, SP 2021
CountryUnited States
CityVirtual, San Francisco


Dive into the research topics of 'Post-quantum WireGuard'. Together they form a unique fingerprint.

Cite this