
WireGuard and forward secrecy for clients - pabs3
https://dustri.org/b/wireguard-and-forward-secrecy-for-clients.html
======
hkpack
I work at IVPN.

WireGuard out of the box indeed have few issues related to privacy which
require additional effort to overcome. Forward secrecy is one of them.

We created a document where we've described all of the known issues related to
privacy when using WireGuard up to date and how we solve them [0].

Talking about forward secrecy specifically, IVPN client apps for all platforms
do automatic key rotation every 7 days by default (which can be changed to as
often as every day).

It makes it impossible to correlate any traffic with customers after keys were
rotated.

[0] - [https://www.ivpn.net/knowledgebase/254/Using-WireGuard-
for-P...](https://www.ivpn.net/knowledgebase/254/Using-WireGuard-for-Privacy-
Protection.html)

------
matharmin
Is this really an issue? The client's public key is likely unique for that
server (unlike a typical ssh public key), and the client's IP is a lot more
likely to be used to identify the user.

------
fulafel
This is a pretty big deal, PFS is a major feature in modern crypto (TLS, IPsec
etc). Hope it gets fixed soon.

~~~
chousuke
This is not about PFS for transmitted data, only for client identity. Unless
I'm missing something, an attacker will not be able to decrypt past traffic if
they manage to obtain the private key, but they will know the public key of
whoever sent it.

In most cases this is a non-issue, but it can matter of you're trying to hide
your identity behind a VPN.

------
oakwhiz
Is a lack of PFS still a problem if you periodically retire and regenerate
keys?

