Post-Quantum WireGuard

Quantum computing poses an immediate threat to VPN infrastructure through the "harvest now, decrypt later" attack model, where adversaries collect encrypted traffic today for future decryption with quantum computers. While existing VPN protocols await formal post-quantum standardization, practical protection is needed now. This paper presents a deployable solution for adding post-quantum security to WireGuard without modifying the protocol itself. Our approach leverages WireGuard's existing pre-shared key (PSK) mechanism, delivering quantum-resistant PSKs over channels protected by ML-KEM hybrid TLS 1.3. Through a carefully designed split-service architecture separating authentication from configuration management, we achieve both cryptographic and operational benefits. The authentication service handles client connections using post-quantum TLS, while the configuration service manages WireGuard settings with no direct network exposure, providing defense in depth. This architecture has been successfully deployed across ExpressVPN's global infrastructure, demonstrating its practicality at scale. The solution provides immediate quantum resistance with minimal performance impact (15-20ms additional connection establishment time, no impact on steady-state throughput), supports dynamic IP allocation and simplified key management, and can be implemented by engineering teams without deep cryptographic expertise. We provide detailed implementation guidance for deployments ranging from small (<1,000 users) to enterprise scale. Our work demonstrates that post-quantum WireGuard is achievable today using proven technologies and sound engineering principles, offering VPN providers a straightforward migration path to quantum resistance without abandoning existing WireGuard deployments.