Security Overview

QuFabric provides an ultra-secure, end-to-end encrypted VPN designed with the NSA's Commercial Solutions for Classified (CSfC) program in mind. It delivers two independent layers of encryption over any network — including the public internet — making it suitable for protecting highly sensitive traffic.

Double VPN Architecture

At its core, QuFabric establishes a double VPN — two nested encryption layers, each using independent key management, independent cryptographic algorithms, and independent protocol implementations.

Application traffic
    │
    ▼
┌──────────────────────────────────────────────────────────┐
│  Inner Layer: AES-256-GCM WireGuard (aes0)               │
│  Keys: DSKE-managed PSKs via security hubs               │
│  Protocol: Noise_IKpsk2_25519_AESGCM_BLAKE2s             │
└──────────────────────────────────────────────────────────┘
    │
    ▼
┌──────────────────────────────────────────────────────────┐
│  Outer Layer: ChaCha20-Poly1305 WireGuard (wg0)          │
│  Keys: WireGuard DH + Rosenpass PQC rotation             │
│  Protocol: Noise_IKpsk2_25519_ChaChaPoly_BLAKE2s         │
│  PQC: Rosenpass PSK rotation (enabled by default)        │
└──────────────────────────────────────────────────────────┘
    │
    ▼
Network (internet, LAN, etc.)

Even if one encryption layer is compromised — through a cryptographic break, implementation flaw, or key compromise — the other layer continues to protect traffic independently.

Why Two Layers?

The CSfC Multi-Site Connectivity capability package requires two independent layers of encryption to protect classified traffic traversing untrusted networks. QuFabric's double VPN architecture satisfies this requirement by design:

| Requirement | Implementation |
|---|---|
| Two independent encryption layers | WireGuard (ChaCha20-Poly1305) + AES WireGuard (AES-256-GCM) |
| Independent key management per layer | WireGuard DH + Rosenpass PQC (outer) / DSKE threshold key exchange (inner) |
| CNSA-compliant algorithms | AES-256-GCM (inner layer) |
| Post-quantum resistance | Rosenpass PQC PSK rotation on outer tunnel (enabled by default) |
| No single point of key compromise | DSKE splits keys across multiple security hubs |
| Continuous key rotation | Automatic 120-second PSK rotation via DSKE; Rosenpass rotation every 120s on outer tunnel |

How It Works

  1. Peers connect via the standard WireGuard tunnel (wg0), establishing ChaCha20-Poly1305 encryption with Rosenpass post-quantum key exchange enabled by default
  2. A second WireGuard interface (aes0) is created automatically, using AES-256-GCM encryption
  3. DSKE (Distributed Symmetric Key Exchange) generates shared secrets by splitting them across multiple security hubs using threshold cryptography
  4. Application traffic is routed through the AES tunnel, which itself runs inside the WireGuard tunnel — double encryption
  5. Keys rotate automatically — DSKE rotates AES tunnel PSKs every 120 seconds; Rosenpass independently rotates outer tunnel PSKs for post-quantum protection

Key Components

AES WireGuard Tunnel

A second WireGuard interface (aes0) that uses AES-256-GCM instead of ChaCha20-Poly1305. Traffic routed through aes0 is encrypted twice — once by the AES tunnel and again by the standard WireGuard tunnel underneath.

DSKE (Distributed Symmetric Key Exchange)

An automated key management system that generates pre-shared keys using threshold cryptography across multiple independent security hubs. No single hub can reconstruct or compromise the keys.

Security Hubs

Independent servers that participate in key generation using Shamir secret sharing. Keys are split into shares distributed across hubs; a minimum of 2 shares is required to reconstruct any key.
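
The threshold split described for DSKE and the security hubs, shown as an added illustration (not QuFabric's code): textbook Shamir sharing of a 32-byte PSK with the page's threshold of 2, plus a check that a single hub's share fits every candidate key. The hub count, the prime field and all function names are assumptions.

```python
import secrets

# Added illustration: field, hub count and names are assumptions, not QuFabric's code.
# Field modulus: the Mersenne prime 2^521 - 1, comfortably larger than a 256-bit PSK.
P = 2**521 - 1
THRESHOLD = 2  # from the page: a minimum of 2 shares reconstructs a key


def split(secret: bytes, hubs: int, k: int = THRESHOLD) -> list[tuple[int, int]]:
    """Split `secret` into one share per hub; any k shares recover it."""
    if not 2 <= k <= hubs:
        raise ValueError("need 2 <= k <= hubs")
    s = int.from_bytes(secret, "big")
    # Random polynomial of degree k-1 with the secret as its constant term.
    coeffs = [s] + [secrets.randbelow(P) for _ in range(k - 1)]
    shares = []
    for x in range(1, hubs + 1):  # hub index is the x-coordinate, never 0
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def reconstruct(shares: list[tuple[int, int]], length: int = 32, k: int = THRESHOLD) -> bytes:
    """Lagrange-interpolate the polynomial at x = 0 from k distinct shares."""
    pts = dict(shares)  # de-duplicate by hub index
    if len(pts) < k:
        raise ValueError(f"{len(pts)} share(s) held, {k} required")
    pts = list(pts.items())[:k]
    s = 0
    for i, (xi, yi) in enumerate(pts):
        num = den = 1
        for j, (xj, _) in enumerate(pts):
            if i != j:
                num = num * -xj % P
                den = den * (xi - xj) % P
        s = (s + yi * num * pow(den, -1, P)) % P
    return s.to_bytes(length, "big")


def psks_consistent_with(share: tuple[int, int], candidates: list[bytes]) -> int:
    """For k = 2: count candidate PSKs that some line through this share encodes."""
    x, y = share
    ok = 0
    for c in (int.from_bytes(b, "big") for b in candidates):
        slope = (y - c) * pow(x, -1, P) % P  # the slope that would make c the secret
        ok += (c + slope * x) % P == y
    return ok
```
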

Post-Quantum Cryptography (Rosenpass)

The outer WireGuard tunnel (wg0) is hardened against quantum computing threats via Rosenpass, a post-quantum secure key exchange protocol that is enabled by default in QuFabric. Rosenpass continuously generates and rotates WireGuard pre-shared keys every 120 seconds using quantum-resistant algorithms (Classic McEliece + Kyber), ensuring the outer tunnel remains secure even against future quantum computers.

Combined with DSKE on the inner tunnel, this means both encryption layers have independent post-quantum or quantum-resistant key management.

PSRD (Pre-Shared Random Data)

One-time-use entropy provisioned from security hubs to clients, consumed during key generation and recovery operations.

CSfC Alignment

QuFabric's architecture is designed with the CSfC Multi-Site Connectivity capability package in mind. For a detailed requirement-by-requirement mapping, see the CSfC Alignment page.

Built on QuFabric Open-Source

QuFabric's security features build on top of the NetBird open-source project, a WireGuard-based mesh VPN with centralized management. The upstream project provides the peer-to-peer connectivity, NAT traversal, access control, and management infrastructure that QuFabric extends with its double VPN architecture.