What is WireGuard?

What is WireGuard?
(Image credit: WireGuard)

The key goal of the best VPN services is to create a secure encrypted tunnel for all your internet traffic, shielding it from hackers and others - like your ISP - that want to take a peek.

VPN providers can choose from many protocols - OpenVPN, IKEv2, L2TP, SSTP, more -to create and manage the encrypted tunnel, each with their advantages and disadvantages. 

OpenVPN is the most popular option, but its original design dates back to 2001, and much has changed in our internet technology and use in the last 20 years. 

WireGuard is a more recent entry into the world of VPN protocols and it's already gained acceptance across the cybersecurity sphere. In this article, we're taking a closer look at WireGuard, its major pluses, and one or two potential down sides. 

Light VPN protocol 

WireGuard's developer, security researcher Jason A. Donenfeld, began work on the protocol in 2016. Originally developed for Linux, it's now also available as a desktop and mobile VPN app across Windows, Mac, Android, and iOS.

One major advantage of WireGuard is its simplicity. OpenVPN and IKEv2 require hundreds of thousands of lines of code, as they rely on multiple encryption and authentication such as I2P. This is because traditional VPN protocols tend to separate out the ‘transport’ and ‘security’ layers for data but this involves large amounts of processing. 

WireGuard, on the other hand, works with under 5,000 lines of code, and that has all kinds of benefits. Fewer bugs and security vulnerabilities, for instance. Other advantages include reduced CPU usage and faster connection times. 

Since it uses much less code, it's also much better suited for routers and mobile devices that don't have desktop levels of computing power. 

StrongVPN supports the WireGuard protocol

(Image credit: StrongVPN)

First-class crypto 

Cryptography is another highlight, with WireGuard using state-of-the-art protocols such as Curve25519, ChaCha20, Poly1305 and BLAKE2.

You may wonder why WireGuard doesn’t rely on good old-fashioned 256-bit AES to encrypt data. After all, it’s government-approved, military grade encryption software, which may be why OpenVPN uses a variant of it. The answer is really one of efficiency: 

ChaCha20 also uses a 256-bit encryption key but unlike AES doesn’t need a computer with a dedicated AES-friendly processor to run more efficiently. It can run perfectly in software using an ordinary CPU. This protocol is also specifically designed as a ‘stream cipher’ unlike AES, so doesn’t need anything to communicate securely. 

WireGuard does however, combine the ChaCha20 cipher with the Poly1305 message authentication code. In brief, this makes it much harder for an attacker to insert fake messages into your cipher stream to either redirect your traffic or make it easier for them to work out your encryption keys.  

By using ChaCha20-Poly1305 over an AES cipher like AES-GCM, WireGuard is more resistant to 'timing attacks'. This occurs when hackers try to work out the encryption protocols you’re using by measuring the time it takes to implement certain algorithms. 

The benefits of ChaCha20 are clear, as it’s the most popular stream cipher out there but those in the know also may wonder at the decision of WireGuard’s developers to use the BLAKE2 hash function, rather than something more familiar like SHA256. In crypto circles, it’s generally safer to stick with what’s familiar after all.

For starters, this decision to use BLAKE2 over SHA is one of efficiency. BLAKE2 simply works faster than other well-known hash functions like SHA or MD5. BLAKE2 also has 'indifferentiability'. This is a concept which gets cryptographers excited - in simplest terms the idea is that a cipher or hash function should be indistinguishable from truly random data. This is hard to prove in practice but security researchers agree that BLAKE2 succeeds in doing this to a large extent. This feature, sometimes known as a ‘random oracle’ also isn’t supported by SHA.

Curve25519 is an example of elliptic curve cryptography so, like ChaCha20, is designed specifically for securely transmitting data. It’s been around since 2005 and uses a 256-bit key to offer 128-bit encryption. It’s one of the fastest curves of its kind, so it’s no wonder it’s included in the ultra-efficient WireGuard protocol as well as OpenSSH.  

Wonder of WireGuard 

The decision of WireGuard’s developers to use established and efficient encryption and authentication protocols is a wise one. In Information Security circles, experts like to stick with what’s familiar and there’s no question that WireGuard has been designed with security in mind. 

Another big advantage of WireGuard is efficiency. Aside from using a fraction of the code of other implementations, WireGuard can run inside the Linux kernel, the guts of the OS which does all the low-level heavy lifting. 

OpenVPN runs outside the kernel. So, Linux must do extra work (technically known as a 'context switch') to help OpenVPN work with the system, every time it sends or receives packets. As WireGuard lives inside the kernel, there’s no need for context switching, whereby the operating system has to store a process to be retrieved for execution later. 

This can potentially deliver a big performance boost. How big? In August 2021  developer Donenfeld reported a WiFi speed increase from 95Mbps to 600Mbps with a new kernel-friendly Windows beta, though it's not yet clear how typical that might be.

While acknowledging that there’s a long road ahead, the WireGuard website’s performance page shows the results of some early benchmarking. The first test related to data throughput over gigabit Ethernet relative to using IPSec with the stream ciphers ChaPoly and AES-GCM, as well as OpenVPN. 

In this test, WireGuard was able to transmit about 20% more data than the IPSec protocols. Using IPSec also maxed out the computer’s CPU unlike with WireGuard. OpenVPN was only able to transmit around 25% of the data WireGuard did, with the CPU being completely maxed out, like with IPSec.

WireGuard’s 'ping' time was slightly faster than the IPSec protocols but around three times faster than OpenVPN. 

With these obvious advantages, it's no surprise that WireGuard is now widely supported in the VPN world. Surfshark, Private Internet Access, VyprVPN, StrongVPN, TorGuard and others include it in their apps. NordVPN even used WireGuard as the basis for its NordLynx protocol. 

WireGuard Disadvantages 

WireGuard isn't supported by everyone, though, and there are several issues for VPN providers to solve before they can make it work. In fairness to the development team, they actually have published a page listing known weaknesses with the protocol. 

WireGuard is designed for simplicity and efficiency, so doesn’t include certain features common to most VPN protocols. It doesn't have a way to allocate dynamic IP addresses, for instance. This means in theory that your VPN IP address could be the same every time you connect, potentially allowing you to be tracked online.

WireGuard doesn't automatically delete your IP address when you disconnect, either. It might stay in memory for who-knows-how-long after the session has ended. OpenVPN and other protocols work harder to protect your privacy by deleting IPs when they're no longer needed, reducing the opportunity for your address to be logged.

There's also no support for forward secrecy - a system where VPN data is encrypted using a new private key every session. WireGuard uses the same key by default, which means if a hacker gets into the server and can steal your key, they may also be able to decrypt your traffic.

By default WireGuard also doesn’t do anything to obfuscate your traffic, so it can be vulnerable to DPI (Deep Packet Inspection). This doesn’t put your data at risk but it would be obvious to anyone with access to your ISP’s records that you’re using a paid-for or free VPN.

While most VPN Providers offer connections both TCP and UDP, WireGuard only supports UDP, which can be more efficient but the protocol isn’t coded to confirm delivery of data packets, so can sometimes have data transmission/reception issues. 

Bear in mind that if your VPN provider offers WireGuard, you’ll only be able to use it with servers using UDP unless you or they are using a third-party tool to send UDP data packets via TCP such as ‘udptunnel’ or ‘udp2raw’. Be warned though, this will almost certainly slow down your connection and data processing times. 

As WireGuard is still in active development, its creators acknowledge that it may have some stability issues for the foreseeable future. This said, WireGuard has come a long way since its Linux-only days. The project’s Downloads page lists an impressive number of supported platforms including Windows and macOS, while admitting that performance is best with the Linux Kernel.  

The Rust implementation of WireGuard (wireguard-rs) is still a work in progress. Once complete this should make WireGuard run faster and more safely on all platforms, as Rust is truly cross-platform, very efficient and fixes a number of system vulnerabilities. Using Rust instead of the ‘Go’ programming language should also improve battery life when using WireGuard on mobile devices. 

Don't panic over protocols

Although WireGuard has privacy concerns, they're not bugs or issues with the design. The whole point of the protocol is to keep things simple and throw away a lot of the complexity, and these are some of the features that got left out.

These concerns don't mean connecting using WireGuard is less secure than OpenVPN, either, because the top VPNs have created their own app and server-based solutions.

IVPN has come up with its own way to assign dynamic IP addresses and give you a new private key, for instance. And it fixes the 'stores IP addresses forever' issue by detecting when nothing's happened on the connection for three minutes, then deleting and reconfiguring your connection.

NordVPN have also used an implementation of WireGuard in their own ‘Nordlynx’ protocol, which uses the provider’s own double NAT (Network Address Translation) to authenticate users using a specialised database. This avoids users revealing their home IP address to the VPN server, plus NordVPN can assign fresh ‘dynamic’ IP addresses to users each time they connect to the service. This is all at no extra cost to NordVPN subscribers.  

Without a doubt WireGuard is both more efficient and more secure than any other free and open-source (FOSS) VPN Protocol. 

Still, not every VPN provider is going to be willing and able to do the extra work that IVPN and NordVPN have to make the protocol suitable to use with VPNs when it comes to assigning IP addresses and authenticating users without storing personal data on their servers.

If you're interested in WireGuard, make sure to research the provider thoroughly to find out if they support it and how exactly it’s implemented on their network. 

Mike Williams
Lead security reviewer

Mike is a lead security reviewer at Future, where he stress-tests VPNs, antivirus and more to find out which services are sure to keep you safe, and which are best avoided. Mike began his career as a lead software developer in the engineering world, where his creations were used by big-name companies from Rolls Royce to British Nuclear Fuels and British Aerospace. The early PC viruses caught Mike's attention, and he developed an interest in analyzing malware, and learning the low-level technical details of how Windows and network security work under the hood.