Rosenpass API
Improved API's and platform coverage for Rosenpass
Rospenpass deals with post-quantum security for the open-source, linux-kernel VPN WireGuard. It is a production-ready VPN solution, with security proofs and backed up by scientific papers. This solves the problem that classic WG alone will stop being secure once quantum computers are viable.
In this phase of the work, we focus on enhancements to support Rosenpass on additional platforms by providing initial support for Windows. Improvements to the Rosenpass protocol protect our key exchange against denial-of-service attacks by integrating WireGuard's cookie-based mechanism. To introduce more granularity with regard to system permissions required by the Rosenpass client, a broker-based architecture is being introduced. Achieving this goal entails creating a Unix sockets API infrastructure, API endpoints, and a special broker process to handle communication with WireGuard. Finally, the work also aims to promote scientific communication and research on post-quantum cryptography by creating scientific illustrations, and by authoring a user tutorial on using Rosenpass to secure TLS connections.
- The project's own website: https://rosenpass.eu
This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.
