Great to hear. Thank you all for your hard work. Cheers, Fredrik
On Thu, May 11, 2017 at 10:32 PM, Jason A. Donenfeld <ja...@zx2c4.com> wrote: > Hey lazylist, > > Since the last discussion of preshared key mode in WireGuard, we've > made some substantial progress. Trevor and I have been working out the > cryptodetails [1], and Kevin and I have been tweaking our formal > verification model. Everything is coming together quite nicely on that > front. > > For those who are just catching up on this discussion, the gist is > that the PresharedKey attribute is moving from being part of the > Interface to part of the Peer. This will enable PSKs to be a pair-wise > value, rather than having an Interface use one PSK for all its peers, > a significant security improvement. > > I've written up the changes in the whitepaper [2] and the protocol doc > [3]. I've implemented it in the latest git master, though probably you > should wait for the next snapshot to try it out. I'm now in the > progress of writing [4] patches [5] for various [6] WireGuard > integrations, so that when I release the next snapshot, things can > transition over smoothly, in addition to various Noise libraries [7]. > > If all goes well, the Noise changes will be out on Tuesday, and the > snapshot should happen minutes after that. > > Let me know if there are any questions. > > Regards, > Jason > > [1] https://moderncrypto.org/mail-archive/noise/2017/001006.html > [2] https://www.wireguard.io/papers/wireguard.pdf > [3] https://www.wireguard.io/protocol/ > [4] > https://github.com/openwrt/packages/pull/4341/files#diff-4fe54b567672346a15da55f1c6af8c9a > [5] https://github.com/openwrt/luci/pull/1160/files > [6] > https://github.com/NixOS/nixpkgs/pull/25646/files#diff-110379e7db2311e8bef5a02392ac1495 > [7] https://github.com/flynn/noise/pull/11/files > _______________________________________________ > WireGuard mailing list > WireGuard@lists.zx2c4.com > https://lists.zx2c4.com/mailman/listinfo/wireguard _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard