WireGuard

WireGuard is a free and open source Virtual Private Network (VPN) software application and communication protocol that uses VPN techniques to create secure point-to-point connections in routed or bridged configurations. It uses cryptography protocols and algorithms to protect data. Originally developed for the Linux kernel, it can also be used on Windows, macOS, BSD, iOS, and Android. The protocol aims for better performance, security and simplicity than IPsec and OpenVPN tunneling protocols.

How WireGuard works

WireGuard uses tested cryptographic primitives that result in strong default cryptographic choices that users don’t have the ability to change. It does not use cryptographic agility, which is the concept of offering choices among different encryption, key exchange, and hashing algorithms, sometimes resulting in insecure deployments. WireGuard uses state of the art cryptography like ChaCha 20 for symmetric encryption with Poly1305 for message authentication. It includes protection against key impersonation, denial-of-service and replay attacks, and post-quantum cryptographic resistance.

A process called cryptokey routing is used in WireGuard’s encryption. It associates public encryption keys with a list of VPN tunnel IP addresses that are allowed inside the tunnel. A unique private key and a list of peers is associated with each network interface. Each peer has a short and simple public key to authenticate it with other peers. The public keys can be distributed for use in configuration files and is similar to key-based authentication in OpenSSH.

IP addresses can be readily switched on both ends without breaking the system. Users can switch between Wi-Fi, cellular, and other connections without having to worry about the configuration. This is because the client configuration contains an initial endpoint for its definition server so it knows where to send encrypted information before it receives any. Since the clients continue to track the server, if the system changes location, the clients will discover the new server endpoint and update their configuration.

Webopedia Staff
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.

Related Articles

Phishing

What is phishing? Phishing is a type of cybercrime in which victims are contacted by email, telephone, or text message by an attacker posing as...

Photo Editing Software

Photo editing software is used to manipulate or enhance digital images. This category of software ranges from basic apps, which are able to apply...

SOHO Business Solutions: Free Email Marketing Services

Just like big businesses, SOHO (small office/home office) owners can leverage email marketing systems to communicate with customers, partners and employees. Just like big businesses,...

Fintech

Fintech, also known as "financial technology," is a term used to describe companies that use innovative technology to create more efficient, transparent, and cost-effective...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...