Rosenpass, a VPN project that promises to resist attacks by quantum computers


Rosenpass is an important precaution against what is to come:

Recently the news that a group of iGerman researchers, developers and cryptographers have published the first version of the Rosenpass project, which develops VPN and key exchange mechanisms that are resistant to quantum computer attacks.

rosenpass uses WireGuard VPN under the hood along with standard encryption algorithms and keys which is used as a transport and complements it with hack-protected key exchange tools on quantum computers (i.e. Rosenpass additionally protects the key exchange without changing the operating algorithms and encryption methods of WireGuard).

Rosenpass can also be used separately from WireGuard in the form of a generic key exchange tool suitable for protecting other protocols from quantum computer attacks.

About Rosenpass

Rosenpass is written in Rust and uses liboqs 1 and libsodium 2, the tool establishes a symmetric key and provides it to WireGuard. Since you provide WireGuard with a key via the PSK function, using Rosenpass+WireGuard is no less cryptographically secure than using WireGuard alone ("hybrid security").

Work is currently underway to formally verify the protocol, cryptographic algorithms and implementation to provide a mathematical proof of reliability. At the moment, using ProVerif, a symbolic analysis of the protocol and its basic implementation in the Rust language have already been carried out.

The protocol Rosenpass is based on the PQWG post-quantum authenticated key exchange mechanism (Post-quantum WireGuard), built using the McEliece cryptosystem, which resistant to brute force on a quantum computer. The key generated by Rosenpass is used in the form of a WireGuard Pre-Shared Key (PSK) symmetric key, implementing an additional layer of protection for the hybrid VPN connection.

Rosenpass assigns two UDP ports; if port N is specified for rosenpass, it will assign port N+1 for WireGuard.

Like WireGuard, Rosenpass does not enforce any separation between clients and servers. If you do not specify the listenoption, Rosenpass and WireGuard will choose random ports; this is client mode. If you do not specify endpoint, Rosenpass will not attempt to connect to the peer and instead will wait for peer connections. This is server mode. You can specify both. Skipping both is not prohibited but not very useful either.

Rosenpass provides a separate background process which is used to generate predefined WireGuard keys and secure key exchanges during the handshake process using post-quantum cryptographic techniques.

Like WireGuard, the symmetric keys in Rosenpass are updated every two minutes. To protect the connection, shared keys are used (on each side, a pair of public and private keys is generated, after which the participants transfer the public keys to each other).

As with any application, there is a small risk of problems security critics (such as buffer overflows, remote code execution); the Rosenpass app is written in the Rust programming language, which is much less prone to these kinds of problems. Rosenpass can also write keys to files instead of providing them to WireGuard. With a bit of scripting, deployment-independent mode can be used to run your application in a Container, VM, or other host. This mode can also be used to integrate tools other than WireGuard with Rosenpass.

It is worth mentioning that Rosenpass has some drawbacks; it runs as root, which requires access to the WireGuard and Rosenpass private keys, takes control of the interface, and works with exactly one interface. If you are not sure whether to run Rosenpass as root, you should use standalone mode to create a more secure setup using containers, jails, or virtual machines.

The toolkit code is written in Rust and is distributed under the MIT and Apache 2.0 licenses. The cryptographic algorithms and primitives are borrowed from the C libraries liboqs and libsodium.

The published codebase is positioned as a reference implementation: based on the specifications provided, alternative tool options can be developed using other programming languages.

Finally, if you are interested in knowing more about it, you can consult the details In the following link.

The content of the article adheres to our principles of editorial ethics. To report an error click here.

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *



  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.