Presented by Jason A Donenfeld FOSDEM 2017

Recommendations

Info

Cookies: The WireGuard Variant ▪ If the responder is under load (experiencing a DoS attack), it replies with a cookie computed as: XAEAD( key=responder_public_key additional_data=handshake_message, MAC(key=responder_secret, initiator_ip_address) ) ▪ mac2 is then calculated as: MAC(key=cookie, handshake_message) ▪ If it’s valid, the message is processed even under load.
Cookies: The WireGuard Variant ▪ Once IP address is attributed, ordinary token bucket rate limiting can be applied. ▪ Maintains stealthiness. ▪ Cookies cannot be intercepted <strong>by</strong> somebody who couldn’t already initiate the same exchange. ▪ Initiator cannot be DoS’d, since the encrypted cookie uses the original handshake message as the “additional data” parameter. ▪ An attacker would have to already have a MITM position, which would make DoS achievable <strong>by</strong> other means, anyway.
Page 1 and 2: Presented by Jason A. Donenfeld FOS
Page 3 and 4: What is WireGuard? ▪ Layer 3 secu
Page 5 and 6: Easily Auditable IPsec (XFRM+Strong
Page 7 and 8: Blasphemy! ▪ WireGuard is blasphe
Page 9 and 10: Cryptokey Routing PUBLIC KEY :: IP
Page 11 and 12: Cryptokey Routing User space send()
Page 13 and 14: Cryptokey Routing ▪ Makes system
Page 15 and 16: Demo
Page 17 and 18: Simple Composable Tools: wg-quick
Page 19 and 20: Namespaces: Containers # ip addr 1:
Page 21 and 22: Static Allocations, Guarded State,
Page 23 and 24: Solid Crypto ▪ ▪ ▪ ▪ ▪
Page 25 and 26: The Key Exchange ▪ In order for t
Page 27 and 28: The Key Exchange ▪ Very limited s
Page 29 and 30: Timers User space sends packet. •
Page 31 and 32: Denial of Service Resistance ▪ Ha
Page 33 and 34: Cookies: DTLS-like and IKEv2-like
Page 35: Cookies: The WireGuard Variant ▪
Page 39 and 40: Performance: Measurements Bandwidth
Page 41: More Information WireGuard ▪ Main

Presented by Jason A Donenfeld FOSDEM 2017

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?