There was a story recently about Rosenpass: https://news.ycombinator.com/item?id=34969760<p>It seems to make VPNs using Wireguard, but I thought Wireguard was already made for VPNs? Clearly I am missing something. But I am about to setup a VPN, so
I was hoping someone could shed some light on whether I should consider using Rosenpass instead of straight Wireguard. Any insight appreciated.
I am the Rosenpass author; Rosenpass is an add-on to make WireGuard even more secure. There are certain types of attacks (i.e. those from quantum computers) that could become possible to perform for governments and very large organizations.<p>To protect the infrastructure of smaller companies and to protect the data of private WireGuard users, Rosenpass makes WireGuard immune against these potential attacks from states and large organization.
Rosenpass is WireGuard plus a custom addition. This addition continually rotates the optional, per-connection preshared keys used by WireGuard.<p>This is probably overkill for most use-cases (particular for a consumer-level VPN), but it's a nifty addition if you fear your WireGuard keys may be stolen at some point.