The Rosenpass tool is a daemon, written in Rust, that implements the Rosenpass protocol to create and exchange hybridised post-quantum and classically secure keys between two peers. It uses two cryptographic methods, Classic McEliece and Kyber, to secure systems against quantum attacks. It represents one of the most advanced open-source solutions for providing post-quantum security currently available.
While the Rosenpass tool is written in Rust, it currently relies on libsodium and liboqs, both of which are C libraries, enabling advanced security features. We implement a number of techniques to ensure that the code is secure. For example, we use variable colouring (gating use of a secret value through a .secret() method), and the code zeroises all key material.
The Rosenpass tool works best and most natively with WireGuard. It can, however, be used to perform a stand-alone key exchange. Using this mode, it can secure other protocols against attacks from quantum computers. To use this mode, the rosenpass binary must be used together with the outfile
This section contains links to user guides, installation guides, release notes, and other information on the Rosenpass Tool.
Section Directory
A quick start guide on downloading, configuring, and booting the Rosenpass tool for use with a WireGuard connection.
A summary of the major changes and fixes across full Rosenpass tool releases.
A guide on how to compile the Rosenpass tool yourself, including installation via the binary files. This is useful if you want to use the Rosenpass tool on systems we do not currently provide packages for.
A link to the Rosenpass tool's source code in its GitHub repository. Much of the Rosenpass tool's development is monitored there, and we are responsive to issues, feature requests, and other topics raised directly in the repository.
The Rosenpass tool's man pages explaining the command line interfaces, converted for viewing in a web browser.
Packaging Status
Rosenpass currently provides packages and static binaries for several Linux distributions, as shown below:
v0.2.2 Release Notes
- Fixes vulnerability to prevent output shared key (OSK) to be set or written again on a responder receiving the same InitConf message during a handshake.
- This release has no impact for majority of users using Rosenpass with WireGuard
What planned features are on the way?
- Cunicu integration: Cunicu is a user-space daemon for managing WireGuard connections for small devices. We intend to integrate post-quantum security into that daemon via Rosenpass
- Docker and micro-VM implementations: We are currently working on using micro-VMs to reduce the scope of system privileges Rosenpass needs to run
- Hacspec integration: Hackspec is a rust-based language designed by Cryspen to enable the use of several formal verification tools that enable high-assurance cryptography
- Golang implementation of Rosenpass: Our initial implementation of Rosenpass is written in Rust, but we are working on an alternative, compatible Golang-built implementation to increase diversity and reach new platforms. It is called go-rosenpass.
License
The Rosenpass tool is subject to the Apache License Version 2.0, January 2004 and the MIT License with attribution
The content of this website, except for photographic material, is published under a Creative Commons license:
Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)
Photographic material is published under this separate Creative Commons License:
Attribution-NonCommercial-NoDerivs 4.0 International (CC BY-NC-ND 4.0 Deed)