Introducing WireGuardÂź Protocol: What You Need to Know
Updated on July 13, 2021: From now on, traffic filtering, malware protection, and suspicious DNS activity blocking are available as a part of the separate DNS Firewall app.
The cybersecurity world is evolving and so does VPN Unlimited! Keeping up with the latest technology trends, we are implementing the next-generation VPN protocol WireGuardÂź. Though itâs still under development and in the testing phase, it is already forecasted to outperform the existing protocols in many aspects. What is WireGuardÂź, why use it, what advantages it can boast of, how to use WireGuardÂź in VPN Unlimited app? Read on and find answers in this piece!
- What is the WireGuardÂź protocol
- Why use WireGuardÂź VPN protocol: main advantages
- How to start using WireGuardÂź protocol
- Bottom line on WireGuardÂź VPN protocol
What is the WireGuardÂź protocol
WireGuardÂź is a new open-source VPN protocol that uses state-of-the-art cryptography and aims to be simpler, faster, and more secure than the existing VPN protocols. It is considered to be better designed than the IPSec protocol and to provide better performance than OpenVPN.
Developed by Jason Donenfeld and introduced in 2018, WireGuardÂź was quickly accepted by users worldwide. It even caught the attention of Linux Torvalds, the developer behind Linux, who called it a work or art:
Can I just once again state my love for it (WireGuardÂź) and hope it gets merged soon? Maybe the code isnât perfect, but Iâve skimmed it, and compared to the horrors that are OpenVPN and IPSec, itâs a work of art.
Whatâs so special about WireGuardÂź? Well, it does have some advantages over the existing VPN protocols.
Why use WireGuardÂź VPN protocol: main advantages
Updated encryption technology
Jason Donenfeld intended to upgrade what he considered to be the outdated aspects of OpenVPN and IPSec protocols. This said, WireGuardÂź eschews standard algorithms that have long-lasting weaknesses in favor of the most modern, strongest cryptographic primitives (low-level algorithms). As stated on the WireGuardÂź website, the following ciphers are used:
- ChaCha20 for symmetric encryption, using Poly1305 for authentication
- Curve25519 for ECDH (Elliptic-curve Diffie-Hellman, a key agreement protocol for establishing a shared secret over an insecure channel)
- SipHash24 for hashable keys
- BLAKE2s for hashing and keyed hashing
- HKDF for key derivation
Simple code base
The WireGuardÂź protocol features much lighter build than most VPN protocols (at least open-source ones, with visible codes). All in all, WireGuardÂź weighs around 4000 lines of code, which is in stark contrast to 600 000 total lines of OpenVPN and OpenSSL combined. IPSec is also quite bulky, featuring 400 000 lines with XFRM and StrongSwan together.
Whatâs the benefit? Actually, there are several advantages:
- Fewer lines of code imply much less attack surface in comparison to OpenVPN and IPSec.
- Smaller code base is much easier to audit. OpenVPN would require a team of auditors whoâd be checking it for days, while one person can audit WireGuardÂźâs code in just a few hours.
- Easier audit means itâs easier to find vulnerabilities and keep the protocol secure.
- Less bulky code also means it is more likely to work as itâs supposed to.
Better performance
High-speed cryptographic primitives and peculiarities of WireGuardÂź technology potentially bring significant performance improvements, both on small devices like smartphones and loaded backbone routers.
WireGuardÂźâs small code base allows it to offer users quite decent speeds. It should allegedly be capable of establishing connections and handshakes faster, at the same time offering enhanced reliability. Mobile users should especially benefit from WireGuardÂź as it is designed to be less resource-consuming and not eat up too much battery.
All in all, WireGuardÂź protocol should outperform other protocols in terms of:
- Speed
- Reliability
- Longer battery life on smartphones and tablets
- Faster connection and reconnection
Cross-platform use
Though originally released for Linux-based operating systems, WireGuardÂź can now be adapted for a number of different platforms. For example, it may be used on systems running macOS, Ubuntu, iOS, and Android, thus covering a wide range of devices.
How to start using WireGuardÂź protocol
Currently, there arenât many WireGuardÂź VPN providers. However, VPN Unlimited offers you an opportunity to try out this most modern VPN protocol yourself. All you need to do is follow a few simple steps below:
- Download VPN Unlimited app.
- Create your KeepSolid ID or log in.
- Navigate to the app Menu > Settings.
- Go to Protocols and select WireGuardÂź.
- Start exploring the next-gen protocol!
Note: Currently, weâve implemented WireGuardÂź protocol in the macOS and Android versions of VPN Unlimited app. Though already available for Personal Server and Personal IP users, WireGuardÂź on Windows and iOS for all VPN servers is coming soon, stay tuned!
Bottom line on WireGuardÂź VPN protocol
Providing high-speed connection and unmatched security at the same time is a constant challenge for VPN services. However, the innovative WireGuardÂź solution brings radical change in the industry, featuring simple build, fast connection speed, and strong cryptography.
Dive into the new enhanced VPN experience with VPN Unlimited and WireGuardÂź, the VPN protocol of the future!
âWireGuardâ is a registered trademark of Jason A. Donenfeld.