Send in your ideas. Deadline June 1, 2024

Rosenpass: Hardening the Internet Against Quantum Computer Attacks

The Rosenpass project was released on February 26, 2023. Rosenpass is formally verifiable, state-of-the-art Post Quantum Cryptography which protects against attacks with so-called 'quantum computers'. It initially primarily affects Virtual Private Networks (VPNs). In the future, it may very well be adapted to other key elements of today’s internet security, preserving trust and safety in the coming quantum era.

NLnet supported Rosenpass through the NGI Assure Fund. Sixty percent of the resources went toward security analysis of the protocol in the symbolic model using proverif. The remainder of the funds were used for unit testing of the implementation and documentation.

Rosenpass provides a complement to the well-recognized VPN protocol WireGuard, adding quantum-hardened cryptography and key exchange while keeping the established WireGuard-standard encryption security. Therefore, Rosenpass is not just an add-on or a plug-in, but a coprocessing software that interacts with WireGuard at exactly one point, enhancing WireGuard's predefined key generation and exchange process with Post Quantum Secure (PQS) cryptography, based on the McEliece cryptosystem.

Making the internet future-proof

The problem Rosenpass aims to address is that various companies have presented prototypes of so-called quantum computers in recent years. In the future, these could break the encryption mechanisms of today's Internet. This development could take cybercrime and cyberwar to new levels. It's not just about confidential communication, but about basic functions without which the Internet would no longer work. For example, checking whether the website you are visiting is actually the real thing and not a fake, access to online banking or the name server that forwards Internet addresses to the right place. These are all things that need to be secured against attacks with quantum computers.

Project Rosenpass is run by a team of cryptographers, researchers, open source developers, hackers and designers with a focus on verifiable security improvement, usability and user advantage. Project manager Karolin Varner said: "This software project is a milestone in the development of encryption methods to make the Internet more future-proof".

Rosenpass is free and open software that can be reviewed, tested and further developed by security researchers. It is published under the Apache and MIT licenses. The team will continue to develop Rosenpass and are looking for partners in academic research and industry.

Funding

Rosenpass is funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet) programme.

Do you also have an open source project that needs funding? You can apply for one of the theme funds of NLnet.

Search

NLnet news archive

Currently open for proposals:

bluehats logo, three blue hats
Nominate FOSS projects
Nominate Free Software Projects for the four €10.000 BlueHats Prizes.

Events

2024-05-02 - Tech talk with bunnie on IRIS: an open hardware project to verify chips

2024-04-11 - Webinar: Open source CPU and SoC design : The flow, the challenges and a perspective

2024-02-22 - Webinar: The GNU Name System and the road to publishing an RFC

News

Dnsmasq wins the first BlueHats Prize 2024-04-18

41 new projects awarded 2024-04-17

Apply before June 1st 2024 2024-04-01

Digital David versus Tech Giant Goliath: Interview with Michiel Leenaars on Radio 1 2024-03-11

Webinar recording: The GNU Name System and the road to publishing an RFC 2024-02-22

Want to do us a favour?
Help us with 5 minutes of your time.
icon of a flower
Donate today
Your donation can help grow the future!