1. 1 | Copyright © 2022
Understanding Wireguard, TLS and Workload Identity:
The Backbone of Modern Service Networking

2. 2 | Copyright © 2022
CHRISTIAN POSTA
VP, Global Field CTO, Solo.io
@christianposta
christian@solo.io

3. 3 | Copyright © 2022
01
02
03
04
05
Why do we need modern
security?
Case Study: Google ALTS
Modern Networking Security
Workload Identity
Demos!
Agenda

4. 4 | Copyright © 2022
c
Application Networking
Well Funded ($175M), $1B valuation
Satisfied Customers (130% Renewals)
Cloud-native Technology Leadership
Cloud-native Education Leadership
TODAY’S
BUSINESS
DIGITAL
BUSINESS
The Service Mesh and API Platform
for Kubernetes | Zero-Trust | Microservices

5. 5 | Copyright © 2022
Service A can talk to Service B

6. 6 | Copyright © 2022
Long Live IP!

7. 7 | Copyright © 2022
Containerized Workloads

8. 8 | Copyright © 2022
Beware!

9. 9 | Copyright © 2022
Beware!
https://www.theverge.com/2014/12/8/7352581/sony-pictures-hacked-storystream

10. 10 | Copyright © 2022
Tenets of a Modern, Secure Network
• Assume a Hostile Environment - There are malicious persona both inside and outside the
environment
• Presume Breach - Operate and Defend resources with the assumption that an adversary
has presence in your environment
• Never Trust, Always Verify - Deny by default. Every resource is explicitly authorized using
least privilege multiple attributes, and dynamic cybersecurity principles
• Scrutinize Explicitly - Access to resources is conditional and access can dynamically
change based on action and confidence levels resulting from those actions
• Apply Unified Analytics - for data, applications, assets, services to include behavioristics
and log each transaction

11. 11 | Copyright © 2022
Writing Networking Policy
● Who is calling whom
● Constraining who can call whom
● Avoid MiTM, eavesdropping
● Quota / QoS / Limits
● Logging, auditing
● Policy enforcement via fine-grained authz

12. 12 | Copyright © 2022
Example from Google
ALTS

13. 13 | Copyright © 2022
Application Layer Transport Security
• Built in 2007 (TLS 1.1 was the latest version at this point)
• TLS 1.1 did not meet Google’s minimum security standards
• A simpler, more tailored impl of TLS
• More flexible workload identity model
• Certs use ECDH keys, Uses DH key exchange, can provide PFS and AE
• Uses Protocol Buffers to serialize certificates and protocol messages
https://cloud.google.com/docs/security/encryption-in-transit/application-layer-transport-security

14. 14 | Copyright © 2022
ALTS Design
• Transparent to applications / RPC invocations
• Simplified cryptography (limited key exchange/cipher algorithms)
• Authentication based on Identity NOT host machines
• Identity tied to chain of trust / key distribution (transparent to application)
• Authorization policies built around Identity model
https://cloud.google.com/docs/security/encryption-in-transit/application-layer-transport-security

15. 15 | Copyright © 2022
Transparent ALTS

16. 16 | Copyright © 2022
Handshake / Record Protocol

17. 17 | Copyright © 2022
ALTS is Proven at Scale
Should we build ALTS?

18. 18 | Copyright © 2022
No. Modern Building Blocks Exist
Let’s take a look

19. 19 | Copyright © 2022
Modern, Secure Service Networking
• Transparent to applications / RPC invocations
• Transparent encryption
• Simplified cryptography (limited key exchange/cipher algorithms)
• Authentication based on Identity NOT host machines
• Identity tied to chain of trust / key distribution (transparent to application)
• Authorization policies built around Identity model

20. 20 | Copyright © 2022
Wireguard
Transparent encryption made easy

21. 21 | Copyright © 2022
Wireguard

22. 22 | Copyright © 2022
Wireguard
• A Kernel/OS module aimed at transparently encrypting IP between two nodes
for VPN use cases
• Simple code base (around 7k LOC vs e.g., 100K+ IPSec)
• No cipher/protocol negotiation; fixed cryptography
• For L3, encapsulate encrypted packets in UDP
• Intended to use ciphers that afford more performance
• Simplified configuration, out of band public-key exchange
https://www.wireguard.com/papers/wireguard.pdf

23. 23 | Copyright © 2022
Configure public keys and it just works

24. 24 | Copyright © 2022
Opinionated Crypto (Based on the Noise Framework)
• Elliptic Curve Diffie Hellman with Curve22519
• ChaCha20+Poly1305 for Authenticated Encryption
• BLAKE2s for hashing
• Optional Pre-Shared Key (PSK)
• If a vulnerability is found, upgrade everything
https://www.wireguard.com/papers/wireguard.pdf

25. 25 | Copyright © 2022
Downsides of Wireguard
• Could be very difficult to upgrade “everything” all at once for a discovered
vulnerability
• Not FIPS compliant
• Will not be FIPS compliant
− https://twitter.com/matthew_d_green/status/1443558648878350339
• Doesn’t solve for workload Mutual Authentication, Identity, or Authorization

26. 26 | Copyright © 2022
Options to Layer Authentication for svc-to-svc?
• Wireguard “authenticates” its peers but has no knowledge of svc identities
• JWT access tokens (ie, OAuth 2.0 + Secure Token Service)
• Custom mutual authentication mechanism (see Cilium)
• Layer client certificates and TLS on top

27. 27 | Copyright © 2022
Cilium’s approach to mutual authentication

28. 28 | Copyright © 2022
Cilium’s approach to mutual authentication

29. 29 | Copyright © 2022
Cilium’s approach to mutual authentication

30. 30 | Copyright © 2022
Transport Layer Security
TLS 1.3

31. 31 | Copyright © 2022
Transport Layer Security

32. 32 | Copyright © 2022
Transport Layer Security (TLS 1.2)

33. 33 | Copyright © 2022
Transport Layer Security (TLS 1.3)

34. 34 | Copyright © 2022
Client Authentication (mTLS)

35. 35 | Copyright © 2022
Why use TLS 1.3?
• Faster
− Handshake takes fewer round trips
• Safer (drop support for unsafe cryptographic algorithms)
− Remove RSA key exchange (doesn’t provide Forward Secrecy)
− Remove CBC/RC4 ciphers
− Restrict DH parameters to known secure params
− Handshake is signed by the server, cannot be tricked into downgrade
− Chose AEAD ciphers

36. 36 | Copyright © 2022
TLS Can do Authentication, Encryption, Integrity Checks
• FIPS compliant implementations
• Private keys do not get sent over the wire (like JWT tokens)
• Can be terminated at the applications for end-to-end session
• TLS 1.3 brings simplification for ciphers/protocol negotiation
• Looks a lot more like Google ALTS!

37. 37 | Copyright © 2022
Downsides to TLS
• No standard way to specify identity
• Key issuance, revocation, rotation can be complex
• How do the applications handle key material safely?
• What if applications mis-configure?
• Every language/framework/library is different

38. 38 | Copyright © 2022
Standard Workload Identity Framework
with SPIFFE

39. 39 | Copyright © 2022
Secure Production Identity Framework (for Everyone)
• Open Source Identity Specification for workloads
• Intended to solve the “universal workload identity problem”
• Independent of application type, network, or platform/cloud
• Specified with URI strings
• Verified via signed credentials (x509, JWT, etc)
• API and workflow for attestation built into SPIFFE implementations
• Intended to eliminate passwords, other secrets, etc

40. 40 | Copyright © 2022
SPIFFE

41. 41 | Copyright © 2022
Who is Service A?

42. 42 | Copyright © 2022
Identity described in SVID

43. 43 | Copyright © 2022
Identity for Workloads

44. 44 | Copyright © 2022
SPIRE is a Production Implementation of SPIFFE

45. 45 | Copyright © 2022
Bringing it Together Transparently
TLS 1.3 + SPIFFE

46. 46 | Copyright © 2022
Now we know who Service A is…

47. 47 | Copyright © 2022
An example implementation: Istio Ambient Mesh
https://istio.io/latest/blog/2022/introducing-ambient-mesh/

48. 48 | Copyright © 2022
Istio Ambient Mesh (w/ TLS 1.3 + SPIFFE)
• Transparent to applications / RPC invocations
• Transparent encryption
• Simplified cryptography (limited key exchange/cipher algorithms)
• Authentication based on Identity NOT host machines
• Identity tied to chain of trust / key distribution (transparent to application)
• Authorization policies built around Identity model

49. 49 | Copyright © 2022
Demo

50. 50 | Copyright © 2022
Additional Resources
● https://lp.solo.io/white-paper-zero-trust
● https://cloud.google.com/docs/security/encryption-in-transit/applica
tion-layer-transport-security
● https://istio.io/latest/blog/2022/introducing-ambient-mesh/
● https://www.wireguard.com/papers/wireguard.pdf
● https://www.solo.io/zero-trust/
● https://academy.solo.io
● https://istio.io
● https://cilium.io
https://lp.solo.io/istio-ambient-mesh-explained

51. Thank You!