
In our project we had to build a VPN to get through to computers residing behind NAT. I had never done it before. While looking for suitable software I came across WireGuard, which claimed to be very simple.

After some reading I was indeed able to set up a server with an 8-line config file and a client (that was behind NAT) with a 9-line config.

The link worked perfectly in both directions. After that, for obvious reasons, I don't want to touch any alternatives. WG is on its way to the mainstream Linux kernel, but it is not there yet.

The protocol was formally verified and a technical whitepaper exists as well. However, the website claims WireGuard shouldn't be "relied on".

How risky is it, from an information security point of view, to use WG in production in its current state? What are the potential troubles?

Update: As of 2020 WireGuard is inside the mainstream Linux kernel, so it is quite production ready.
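The kind of server and NAT-side client configuration the question describes, written here as an added example (not the poster's own files): the server needs no Endpoint for the peer, the client behind NAT keeps the mapping alive, and AllowedIPs restricts which source addresses each key may use. The file path, hostname and key placeholders are assumptions.

```ini
# Server with a public address (assumed path: /etc/wireguard/wg0.conf)
[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
# Placeholder; generate with `wg genkey` and keep the file mode 0600
PrivateKey = <SERVER_PRIVATE_KEY>

[Peer]
# The client behind NAT: no Endpoint here, the server learns it from the
# client's authenticated packets (WireGuard roaming)
PublicKey = <CLIENT_PUBLIC_KEY>
# Cryptokey routing: only 10.0.0.2 is accepted from, or routed to, this key
AllowedIPs = 10.0.0.2/32

# Client behind NAT (assumed path: /etc/wireguard/wg0.conf)
[Interface]
Address = 10.0.0.2/24
PrivateKey = <CLIENT_PRIVATE_KEY>

[Peer]
PublicKey = <SERVER_PUBLIC_KEY>
# Placeholder hostname for the server's public address
Endpoint = vpn.example.com:51820
AllowedIPs = 10.0.0.1/32
# Keep the NAT mapping open so the server can reach the client at any time
PersistentKeepalive = 25
```

After `wg-quick up wg0` on both sides, `wg show wg0 latest-handshakes` on the server confirms the NATed client has completed a handshake.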

  • I imagine the troubles are primarily related to the quality of the code (which will be better scrutinized when it is accepted upstream). The protocol itself seems solid and the choice of algorithms is very sane. I only wish they used a hybrid handshake (PQC), but according to the main dev, he's worried that none of the options have been sufficiently vetted yet. – forest Apr 08 '18 at 01:17
  • Also, there's an official channel on Freenode, where you may get more authoritative answers. – forest Apr 08 '18 at 01:21
  • Just to add to @user28177, there is now an official open source Windows client - see https://github.com/WireGuard/wireguard-windows Regarding the current security status there are some ongoing projects - see https://courses.csail.mit.edu/6.857/2018/project/He-Xu-Xu-WireGuard.pdf – Pavel Frkal Jan 10 '20 at 11:44

2 Answers

Well, I'm actually excited about WireGuard too. There are already Android, macOS, Windows (third-party, closed-source) and OpenBSD clients, showing that the project has a solid future ahead. Tight integration with ip-link also seems a bonus and configuration is a no-brainer.

But if you take a look at the homepage, especially the "About Project" section, you will see a warning about using it in production:

About The Project

Work in Progress

WireGuard is not yet complete. You should not rely on this code. It has not undergone proper degrees of security auditing and the protocol is still subject to change. We're working toward a stable 1.0 release, but that time has not yet come. There are experimental snapshots tagged with "0.0.YYYYMMDD", but these should not be considered real releases and they may contain security vulnerabilities (which would not be eligible for CVEs, since this is pre-release snapshot software). If you are packaging WireGuard, you must keep up to date with the snapshots.

However, if you're interested in helping out, we could really use your help and we readily welcome any form of feedback and review. There's currently quite a bit of work to do on the project todo list, and the more folks testing this out, the better.

Basically this project could have CVEs and it is under heavy development and constant change. Maybe it's not suitable for your organization. Also, there is no open-source Windows client, and the existing one relies on a tun/tap device kludge.

  • 1
    The tunsafe project is not official, closed-source and relies on the tuntap driver from the openvpn project. I would be cautious with this implemention and wait for an (official,) auditable opensource implementation if you plan to use it on Windows. – Lekensteyn May 28 '18 at 22:11
  • That's right. The Windows client is developed by a third party. Another reason to AVOID implementing WireGuard in production... –  May 29 '18 at 10:34
2

The text on the website has since changed and WireGuard is now considered mostly stable:

Work in Progress

Some parts of WireGuard are working toward a stable 1.0 release, while others are already there. Current snapshots are generally versioned "0.0.YYYYMMDD" or "0.0.V", but these should not be considered real releases and they may contain security quirks (which would not be eligible for CVEs, since this is pre-release snapshot software). Current releases are generally versioned "1.x.YYYYMMDD".
