I think the idea behind opinionated cryptography is not only the idea of “We think this is the best, so you have to use it”, but most importantly it removes all requirements of the protocol supporting cipher negotiation. This makes the protocol much simpler, easier to audit and as a result more secure. And if the cryptography in the protocol ever shows a weakness, then Wireguard v2 needs to be released as a breaking change.
See all the SSL/TLS versions
Yep. I entirely agree about the good points. I am just always weary about removing options like this, regardless of intention.
I’d be fine if for example I’m running my own wireguard implementation, I could choose the suite to use, not negotiate anything and ensure my client has the same configuration.
I’d probably not use it, but I like the option, and knowing that anyone that wants to try to break this now also needs to guess what options I’m running.
knowing that anyone that wants to try to break this now also needs to guess what options I’m running.
Unless your security model has you being specifically targeted by advanced threat actors, the most likely scenario is that you’ll be affected by randomly discovered security vulnerabilities and not individuals tailoring an attack for your configuration.
Obfuscation of your configuration doesn’t add much security and using obscure settings could just as easily result in security vulnerabilities of their own. Vulnerabilities which, due to the obscurity of your configuration, may not be discovered by white hats for much longer.
I know that, if wireguard is exploitable, it’s very unlikely to be me that would be targeted. There are larger and more lucrative targets acting as honeypots for everyone else.
I think the idea behind opinionated cryptography is not only the idea of “We think this is the best, so you have to use it”, but most importantly it removes all requirements of the protocol supporting cipher negotiation. This makes the protocol much simpler, easier to audit and as a result more secure. And if the cryptography in the protocol ever shows a weakness, then Wireguard v2 needs to be released as a breaking change. See all the SSL/TLS versions
Yep. I entirely agree about the good points. I am just always weary about removing options like this, regardless of intention.
I’d be fine if for example I’m running my own wireguard implementation, I could choose the suite to use, not negotiate anything and ensure my client has the same configuration.
I’d probably not use it, but I like the option, and knowing that anyone that wants to try to break this now also needs to guess what options I’m running.
Unless your security model has you being specifically targeted by advanced threat actors, the most likely scenario is that you’ll be affected by randomly discovered security vulnerabilities and not individuals tailoring an attack for your configuration.
Obfuscation of your configuration doesn’t add much security and using obscure settings could just as easily result in security vulnerabilities of their own. Vulnerabilities which, due to the obscurity of your configuration, may not be discovered by white hats for much longer.
I know that, if wireguard is exploitable, it’s very unlikely to be me that would be targeted. There are larger and more lucrative targets acting as honeypots for everyone else.
No. You are making assumptions about security and ultimately assuming you’re the only one who thought this along the way.