diff --git a/References/references.bib b/References/references.bib
index ff947a2..f679911 100644
--- a/References/references.bib
+++ b/References/references.bib
@@ -435,3 +435,42 @@ Section: Proceedings on Privacy Enhancing Technologies},
 year = {2020},
 file = {Linux 5.6 - Linus Torvalds:/home/jake/Zotero/storage/33QZKUPE/CAHk-=wi9ZT7Stg-uSpX0UWQzam6OP9Jzz6Xu1CkYu1cicpD5OA@mail.gmail.com.html:text/html},
 }
+
+@article{donenfeld_formal_nodate,
+ title = {Formal {Verification} of the {WireGuard} {Protocol}},
+ abstract = {WireGuard, the secure network tunnel, uses an interesting DiffieHellman authenticated key exchange protocol based on NoiseIK, custom tailored to suit its unique operational requirements. This paper enumerates the security properties of this key exchange and then explores the formal verification of such properties. The end result is a formally verified secure network tunnel protocol.},
+ language = {en},
+ author = {Donenfeld, Jason A},
+ pages = {11},
+ file = {Donenfeld - Formal Verification of the WireGuard Protocol.pdf:/home/jake/Zotero/storage/IGVX3ECM/Donenfeld - Formal Verification of the WireGuard Protocol.pdf:application/pdf},
+}
+
+@incollection{preneel_cryptographic_2018,
+ address = {Cham},
+ title = {A {Cryptographic} {Analysis} of the {WireGuard} {Protocol}},
+ volume = {10892},
+ isbn = {978-3-319-93386-3 978-3-319-93387-0},
+ url = {http://link.springer.com/10.1007/978-3-319-93387-0_1},
+ abstract = {WireGuard (Donenfeld, NDSS 2017) is a recently proposed secure network tunnel operating at layer 3. WireGuard aims to replace existing tunnelling solutions like IPsec and OpenVPN, while requiring less code, being more secure, more performant, and easier to use. The cryptographic design of WireGuard is based on the Noise framework. It makes use of a key exchange component which combines long-term and ephemeral Diffie-Hellman values (along with optional preshared keys). This is followed by the use of the established keys in an AEAD construction to encapsulate IP packets in UDP. To date, WireGuard has received no rigorous security analysis. In this paper, we, rectify this. 
We first observe that, in order to prevent Key Compromise Impersonation (KCI) attacks, any analysis of WireGuard’s key exchange component must take into account the first AEAD ciphertext from initiator to responder. This message effectively acts as a key confirmation and makes the key exchange component of WireGuard a 1.5 RTT protocol. However, the fact that this ciphertext is computed using the established session key rules out a proof of session key indistinguishability for WireGuard’s key exchange component, limiting the degree of modularity that is achievable when analysing the protocol’s security. To overcome this proof barrier, and as an alternative to performing a monolithic analysis of the entire WireGuard protocol, we add an extra message to the protocol. This is done in a minimally invasive way that does not increase the number of round trips needed by the overall WireGuard protocol. This change enables us to prove strong authentication and key indistinguishability properties for the key exchange component of WireGuard under standard cryptographic assumptions.},
+ language = {en},
+ urldate = {2021-05-12},
+ booktitle = {Applied {Cryptography} and {Network} {Security}},
+ publisher = {Springer International Publishing},
+ author = {Dowling, Benjamin and Paterson, Kenneth G.},
+ editor = {Preneel, Bart and Vercauteren, Frederik},
+ year = {2018},
+ doi = {10.1007/978-3-319-93387-0_1},
+ note = {Series Title: Lecture Notes in Computer Science},
+ pages = {3--21},
+ file = {Dowling and Paterson - 2018 - A Cryptographic Analysis of the WireGuard Protocol.pdf:/home/jake/Zotero/storage/GGI6BMJF/Dowling and Paterson - 2018 - A Cryptographic Analysis of the WireGuard Protocol.pdf:application/pdf},
+}
+
+@misc{donenfeld_wireguard_2020,
+ title = {wireguard fixes for 5.6-rc7},
+ url = {https://lore.kernel.org/netdev/20200319003047.113501-1-Jason@zx2c4.com/},
+ urldate = {2021-05-12},
+ author = {Donenfeld, Jason A},
+ month = mar,
+ year = {2020},
+ file = {[PATCH 
net 0/5] wireguard fixes for 5.6-rc7 - Jason A. Donenfeld:/home/jake/Zotero/storage/QZLP2EZP/20200319003047.113501-1-Jason@zx2c4.com.html:text/html},
+}
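Review bot: The `donenfeld_formal_nodate` entry is typed `@article` but has no `journal` and no `year`, so BibTeX will warn about missing required fields and the citation renders undated; as it appears to be a self-published paper, `@techreport` or `@misc` with a `url`, `urldate` and a verified publication year would fit better. The second entry's key `preneel_cryptographic_2018` is built from the volume editor although the authors are Dowling and Paterson, and the series name sits in `note` rather than `series = {Lecture Notes in Computer Science}`; its `url` is also plain `http://` even though the `doi` field already gives a stable reference. All three added `file` fields carry absolute paths under `/home/jake/Zotero/storage/`, which disclose a local username and directory layout and resolve on no other machine, so they are better stripped at export time.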