ab14

Level 6
The key to virtual private networks - or VPN - is the creation of the encrypted tunnel from the client to the VPN server. Through this tunnel, all the internet data is transmitted back and forth. The privacy of the VPN connection is based on the encryption used, to keep the data going through it secure from both hackers and others - like your ISP - that want to take a peek.

There are plenty of options for the encrypted data VPN protocol, each with its advantages and disadvantages. Some popular ones are PPTP, SSTP, and OpenVPN (which has both TCP and UDP variants). The goals of any of these encryption protocols is to provide a high level of encryption, with a low overhead of computing resources. While OpenVPN remains quite popular with its 256-bit encryption, it does go back to 2001, and much has changed with computing since Windows XP debuted.

WireGuard is a more recent entry into the world of VPN encryption protocols and is just beginning to gain more traction in the cybersecurity sphere. In this article, we're taking a closer look at WireGuard.

A lighter VPN protocol...
WireGuard's developer is Jason A. Donenfeld who has a background in online security, with current development done by Edge Security LLC. While it was initially developed for the mainstream Linux kernel, it is currently cross-platform, with support for the major operating systems of Windows, Mac, iOS and Android.

The main advantage of WireGuard is that it runs much lighter and is designed to offer encryption with less overhead. When compared to the more common OpenVPN and IPsec protocols, WireGuard demonstrates benefits with both faster throughput speeds, and lower ping times.

While WireGuard’s code is said to contain about 4,000 lines, this is far less than the 100,000+ lines of code that comprises either of the competing VPN protocols of OpenVPN or IKEv2/IPsec. This advantage also makes it well suited for embedded devices with less computing power, such as a smartphone, router, or even a RaspberryPi.

WireGuard also endeavors to be simple to deploy with an easy installation. Cryptography is state-of-the-art using modern protocols such as Curve25519, ChaCha20, and Blake2. The much shorter code length also makes it a lot simpler to audit than longer length protocols.

...but still early stages

With these obvious advantages, you may be wondering why everyone is not using WireGuard.

Well, some VPN providers have already embraced WireGuard, with Mullvad off to an early start. In fact, WireGuard is its default protocol for Linux, MacOS, Android and iOS users, and it can be enabled for Windows users, too.

NordVPN is also implementing WireGuard as part of its NordLynx project, which offers the NordVPN to Linux users. Other VPNs that use WireGuard’s protocol include AzireVPN, OVPN, TorGuard, and Private Internet Access.

However, some of the biggest VPNs have taken a more wait-and-see approach to implementation of WireGuard. In general, greater speeds for encryption usually come at the expense of lower security and at the time of writing, there are ongoing concerns that WireGuard is still early in development and so may not be as stable as a more mature project. This is why ExpressVPN and some other VPN providers have not implemented WireGuard to date.

Still, it remains an intriguing new protocol, and is off to a promising start.

 

SpiderWeb

Level 3
I've been using WireGuard since it was supported by Windscribe. Only adds 1ms to my ping. The overhead is near zero. Amazing. The way it instantly connects is the scariest part. You flip the switch and you are connected. No spinning icons, no nothing. I hope they will soon implement real post-quantum authentication and key exchange as well.
 

Azure

Level 26
Verified
Content Creator
I've been using WireGuard since it was supported by Windscribe. Only adds 1ms to my ping. The overhead is near zero. Amazing. The way it instantly connects is the scariest part. You flip the switch and you are connected. No spinning icons, no nothing. I hope they will soon implement real post-quantum authentication and key exchange as well.
How do you enable it on Windscribe?
 

SpiderWeb

Level 3
How do you enable it on Windscribe?
Open the Windscribe app > Connection > Connection Mode > Manual > Pick "WireGuard", pick whatever port you want.
 

Attachments

  • Screenshot 2020-08-27 at 19.47.06.png
    Screenshot 2020-08-27 at 19.47.06.png
    82.2 KB · Views: 71

SpiderWeb

Level 3

Cortex

Level 23
Verified
ExpressVPN has its own new protocol. It's call Lightway

I gave Lightway a few days ago on the Windows Beta, I think it needs more work as it was the slowest protocol there was, even slower than open, of course it is in beta & there are many other factors involved, but at that time i was surprised it wasn't better - I'll try it again later :(:(:(
 
Top