A group of German researchers, developers, and cryptographers has published the first release of the Rosenpass project, which develops VPNs and key exchange mechanisms that are resistant to hacking on quantum computers. VPN WireGuard with standard encryption algorithms and keys is used as a transport, and Rosenpass supplements it with key exchange tools protected from hacking on quantum computers (i.e. Rosenpass additionally protects key exchange without changing the operation algorithms and encryption methods of WireGuard). Rosenpass can also be used separately from WireGuard in the form of a generic key exchange tool suitable for protecting other protocols from attacks on quantum computers.
The toolkit code is written in Rust and distributed under the MIT and Apache 2.0 licenses. Cryptographic algorithms and primitives are borrowed from the liboqs and libsodium libraries written in the C language. The published code base is positioned as a reference implementation - based on the provided specifications, alternative tooling options can be developed using other programming languages. Work is currently underway to formally verify the protocol, cryptographic algorithms, and implementation to provide a mathematical proof of reliability. At present, using ProVerif, a symbolic analysis of the protocol and its basic implementation in the Rust language has already been performed.
The Rosenpass protocol is based on the PQWG (Post-quantum WireGuard) post-quantum authenticated key exchange mechanism, built using the McEliece cryptosystem, resistant to selection on a quantum computer. The key generated by Rosenpass is used in the form of a shared symmetric key (PSK, pre-shared key) WireGuard, implementing an additional layer for hybrid VPN connection protection.
Rosenpass provides a stand-alone background process used to generate predefined WireGuard keys and secure key exchanges during the handshake process using post-quantum cryptography techniques. Like WireGuard, symmetric keys in Rosenpass are updated every two minutes. To protect the connection, shared keys are used (on each side, a pair of public and private keys is generated, after which the participants transfer public keys to each other).
Source: opennet.ru