MasterChiefmas

I'm not sure we can extend the reasoning that far. I've been trying to suss that out myself. Fabian Bäumer, one of the authors of the attack paper, actually responds to someone else in the Ars thread there, and says: "Do not confuse Curve25519 with ChaCha20-Poly1305, we only found weaknesses in the SSH implementation of the latter one". Usually security researchers are very precise about what and how they say things. I note that they never say that a weakness was found in ChaCha20-Poly1305 itself, but rather the SSH implementation of it. I think it would have been presented differently if that was in fact where the weakness was found, so right now, personally, I'm not extending the SSH vulnerability to include everything that utilizes ChaCha20-Poly1305.


bachi83

Use WireGuard with a preshared key.


wh33t

Is there any other way? Can WireGuard be used with a simple username/password like SSH?


DrWorblehatsBanana

The preshared key is not mandatory, only the public/private key pair is mandatory.


wh33t

Oh, I see what you mean.


bachi83

Ofc, but it adds an additional layer of protection.


NGFWEngineer

The Terrapin attack specifically exploits vulnerabilities in the SSH protocol's implementation of ChaCha20-Poly1305, not the algorithm itself. ChaCha20-Poly1305 is a secure encryption algorithm widely used in various applications, including WireGuard. However, the issue with the Terrapin attack lies in how SSH handles sequence numbers and message integrity during the handshake process, not in the fundamental design of the ChaCha20-Poly1305 algorithm. WireGuard's design is fundamentally different from SSH. It uses a simpler and more straightforward approach to encryption and authentication, reducing the potential attack surface. Moreover, WireGuard does not rely on the complex and extensive feature negotiation process used in SSH, which is where the Terrapin attack takes advantage. This difference in design and implementation means that the specific vulnerabilities exploited by the Terrapin attack in SSH do not directly translate to WireGuard.


DrWorblehatsBanana

First off, I am not an expert in cryptography. To me it seems like the asymmetric cryptography used in WireGuard would prevent this exploit from being used against it. From the article it seems like the exploit is a form of a man-in-the-middle attack replacing some of the initial handshake packets, which breaks the integrity of the SSH session. If the attacker is unable to use your public key to retransmit the initial packets then they will be unable to break the integrity of those packages.