The next big thing in VPN protocols
The key to virtual private networks - or VPN - is the creation of the encrypted tunnel from the client to the VPN server. Through this tunnel, all the internet data is transmitted back and forth. The privacy of the VPN connection is based on the encryption used, to keep the data going through it secure from both hackers and others - like your ISP - that want to take a peek.
There are plenty of options for the encrypted data VPN protocol, each with its advantages and disadvantages. Some popular ones are PPTP, SSTP, and OpenVPN (which has both TCP and UDP variants). The goals of any of these encryption protocols is to provide a high level of encryption, with a low overhead of computing resources. While OpenVPN remains quite popular with its 256-bit encryption, it does go back to 2001, and much has changed with computing since Windows XP debuted.
WireGuard is a more recent entry into the world of VPN encryption protocols and is just beginning to gain more traction in the cybersecurity sphere. In this article, we're taking a closer look at WireGuard.
WireGuard's developer is Jason A. Donenfeld who has a background in online security, with current development done by Edge Security LLC. While it was initially developed for the mainstream Linux kernel, it is currently cross-platform, with support for the major operating systems of Windows, Mac, iOS and Android.
The main advantage of WireGuard is that it runs much lighter and is designed to offer encryption with less overhead. When compared to the more common OpenVPN and IPsec protocols, WireGuard demonstrates benefits with both faster throughput speeds, and lower ping times.
While WireGuard’s code is said to contain about 4,000 lines, this is far less than the 100,000+ lines of code that comprises either of the competing VPN protocols of OpenVPN or IKEv2/IPsec. This advantage also makes it well suited for embedded devices with less computing power, such as a smartphone, router, or even a RaspberryPi.
WireGuard also endeavors to be simple to deploy with an easy installation. Cryptography is state-of-the-art using modern protocols such as Curve25519, ChaCha20, and Blake2. The much shorter code length also makes it a lot simpler to audit than longer length protocols.