WireGuard is a next-generation open source secure tunneling VPN protocol developed by Jason Donenfeld. It is a Layer 3 secure network tunnel for IPv4 and IPv6 that uses "conservative modern cryptographic protocols". It runs over UDP and is built to be stealthy: an endpoint never replies to a packet it cannot authenticate, so the service cannot be found by scanning. The authentication model is modelled on SSH's authorized_keys: each peer is identified by a static public key configured on the other side, with no certificates or passwords involved.
Compared to established VPN tunneling protocols such as IPsec and OpenVPN, WireGuard is small. Weighing in at just 3,782 lines of code (compared to 329,853 for OpenVPN), WireGuard's small size makes it far easier to audit. The project's stated aim is that a single reviewer can read the whole codebase in an afternoon, which makes checking its security far cheaper than for its predecessors.
WireGuard is designed as a general purpose VPN for running on embedded interfaces. Although it was originally written for the Linux kernel, it now has implementations for Android, macOS and Windows. It is also well suited to mobile use: an idle tunnel sends nothing at all (no periodic keepalives unless the operator configures them, and a handshake only when there is data to protect), so unlike chattier VPN protocols it does not keep the radio awake and drain the battery.
What is different about WireGuard?
WireGuard's developer Jason Donenfeld is the founder of Edge Security. He cut his teeth in the security industry on both offensive and defensive work, developing rootkit-based exfiltration methods that let him remain inside a network without being detected.
"When you're in a network doing a red team assessment and penetration test you want to be able to maintain persistence in the network for the duration of the assignment. You want to be able to exfiltrate data in a stealthy way, so that you can avoid detection, and get the data out in a secure and undetected manner."
Donenfeld says that during the course of his security work, he became aware that his methods could also be implemented for secure communications:
"I realized that a lot of the same techniques I needed for secure exfiltration are actually perfect for a defensive VPN. So, WireGuard has a lot of these nice stealth features built in where you can't scan for it on the internet; it's undetectable unless you know where it is. It won't respond to unauthenticated packets."
The result, according to Donenfeld, is a VPN tunnel that is more trustworthy than its predecessors and that is based on new code as opposed to what he refers to as “dated technologies from the 1990s”.
Why is WireGuard so small?
One of Donenfeld’s key goals in developing WireGuard was to keep the code simple. According to Donenfeld this was inspired by his general lack of confidence in the massive size of existing VPN protocols. Talking about OpenVPN and IPsec, Donenfeld explained:
“Even after so many assessments and teams auditing these codebases people are still finding bugs, because they are just too big and complex.”
Donenfeld says that his desire to keep WireGuard minimal and simple led to a protocol whose cryptography has a "tiny implementation," leaving fewer places for exploitable bugs and vulnerabilities:
“For example, all the fields in the protocol are fixed length, so we don’t have to have any parsers. And if there are no parsers then there are no parser bugs.”
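The two properties just described, that every handshake message has a fixed size and that an initiation without a valid mac1 is dropped without any reply, can be shown in a few lines. The following is an added illustration written for this page, not the WireGuard project's code: it models only the message sizes and the mac1 construction from the protocol (keyed BLAKE2s over the bytes preceding the mac1 field, keyed by a hash of the label "mac1----" and the responder's static public key); the Noise handshake itself is not implemented, and the responder key is a constructed placeholder rather than a real X25519 key.

```python
"""Added illustration (not WireGuard's own code) of fixed-size framing and the
silent drop of unauthenticated handshake initiations. Only the message sizes
and the mac1 construction follow the protocol; the Noise handshake is not
modelled and RESPONDER_PUB below is a constructed placeholder key."""
import hashlib
import hmac
import secrets

# Message type values and the fixed on-the-wire sizes from the protocol.
HANDSHAKE_INITIATION = 1   # 148 bytes
HANDSHAKE_RESPONSE = 2     # 92 bytes
COOKIE_REPLY = 3           # 64 bytes
TRANSPORT_DATA = 4         # 16-byte header, then an AEAD payload in 16-byte steps
FIXED_SIZES = {HANDSHAKE_INITIATION: 148, HANDSHAKE_RESPONSE: 92, COOKIE_REPLY: 64}
TRANSPORT_HEADER = 16
LABEL_MAC1 = b"mac1----"   # constant from the WireGuard whitepaper


def compute_mac1(responder_static_public: bytes, msg_prefix: bytes) -> bytes:
    """mac1 = MAC(HASH(LABEL_MAC1 || S_pub), msg_alpha): keyed BLAKE2s with a
    16-byte output over every byte that precedes the mac1 field, keyed by the
    BLAKE2s-256 hash of the label and the responder's static public key."""
    key = hashlib.blake2s(LABEL_MAC1 + responder_static_public).digest()
    return hashlib.blake2s(msg_prefix, digest_size=16, key=key).digest()


def build_initiation(responder_static_public: bytes) -> bytes:
    """Construct a 148-byte initiation with a valid mac1 and a zero mac2.
    The handshake fields are random filler: only the framing matters here."""
    msg = bytes([HANDSHAKE_INITIATION, 0, 0, 0])   # type + three reserved zero bytes
    msg += secrets.token_bytes(4)                  # sender index
    msg += secrets.token_bytes(32)                 # ephemeral public key
    msg += secrets.token_bytes(48)                 # encrypted static key (32 + 16 tag)
    msg += secrets.token_bytes(28)                 # encrypted timestamp (12 + 16 tag)
    assert len(msg) == 116                         # mac1 covers exactly these bytes
    msg += compute_mac1(responder_static_public, msg)
    msg += bytes(16)                               # mac2 is zero when no cookie is in use
    return msg


def classify(datagram: bytes, responder_static_public: bytes) -> str:
    """Return 'drop' or the message kind. The caller sends nothing for 'drop':
    an unauthenticated sender gets no error, no reset, no reply at all.
    Only exact sizes are accepted, so there is no length field to parse."""
    if len(datagram) < 4 or datagram[1:4] != b"\x00\x00\x00":
        return "drop"
    mtype = datagram[0]
    if mtype == TRANSPORT_DATA:
        payload = len(datagram) - TRANSPORT_HEADER
        # Plaintext is padded to 16 bytes and followed by a 16-byte tag;
        # any other payload length cannot be a well-formed transport message.
        if payload < 16 or payload % 16:
            return "drop"
        return "transport"
    if mtype not in FIXED_SIZES or len(datagram) != FIXED_SIZES[mtype]:
        return "drop"
    if mtype == HANDSHAKE_INITIATION:
        expected = compute_mac1(responder_static_public, datagram[:116])
        if not hmac.compare_digest(expected, datagram[116:132]):
            return "drop"   # a scanner that does not know our public key lands here
        return "handshake_initiation"
    # Responses and cookie replies carry MACs keyed differently; this sketch
    # checks only their fixed size.
    return {HANDSHAKE_RESPONSE: "handshake_response", COOKIE_REPLY: "cookie_reply"}[mtype]


# Constructed placeholder; a real deployment uses the X25519 key from `wg genkey`.
RESPONDER_PUB = hashlib.blake2s(b"constructed responder static key").digest()

if __name__ == "__main__":
    print(classify(build_initiation(RESPONDER_PUB), RESPONDER_PUB))
    print(classify(bytes([HANDSHAKE_INITIATION, 0, 0, 0]) + bytes(144), RESPONDER_PUB))
    print(classify(build_initiation(bytes(32)), RESPONDER_PUB))
```

The third call builds an initiation for a different responder key: it is the right size and type, but its mac1 was computed against the wrong public key, so it is dropped exactly like random noise. This is why a WireGuard port cannot be fingerprinted by probing: without the responder's public key an attacker cannot even elicit a rejection.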
As for the cryptography itself, WireGuard (and third-party WireGuard clients such as TunSafe) uses a fixed set of modern, well-studied primitives: Curve25519 for elliptic-curve Diffie-Hellman key agreement, ChaCha20 with Poly1305 (the ChaCha20-Poly1305 AEAD) for authenticated encryption of both handshake fields and transport data, BLAKE2s for hashing, keyed hashing and key derivation, and SipHash24 for keying the in-kernel hash tables. Donenfeld stresses that "importantly, there is no cipher agility": the protocol has exactly one cipher suite, so there is no negotiation for an attacker to downgrade and no legacy algorithm to misconfigure, and this is a central reason it is simpler and more robust than its predecessors.
"If the cipher is broken, then you upgrade and you don't allow broken ciphers on your network. At the moment these [primitives] are the nicest ones, but if they become outdated at any point we will change them."
Another attraction of WireGuard is raw performance: published benchmarks put its throughput at up to six times that of OpenVPN, with lower latency as well. In practice that makes it much better suited to data-intensive or latency-sensitive use such as gaming or streaming in HD.
Big plans for WireGuard on Linux
Currently, WireGuard is an out-of-tree module for the Linux kernel, so it does not ship with the kernel the way XFS or the in-tree network drivers do. To use it you must build the module against your own kernel (or install a package from a source you trust that has done so for your exact kernel version), and rebuild it after every kernel upgrade.
Donenfeld wants that to change. WireGuard's developer wants Linux to add the code to the kernel by default so that all Linux distros ship with it. If the proposal Donenfeld submitted last Tuesday is successful, a set of patches would be added to the Linux kernel to integrate the secure VPN tunneling code as an official network driver. (That eventually happened: WireGuard was merged into the mainline kernel in Linux 5.6, released in March 2020.)
Can you expect to see WireGuard implemented in a commercial VPN client anytime soon?
For the time being WireGuard is still unproven. Its handshake protocol has been formally analysed (with the Tamarin prover), but a proof about the protocol is not an audit of the code that implements it, and the implementation has not yet had a full security audit. It therefore has some way to go before it can challenge OpenVPN.
Even WireGuard's developers admit that:
“WireGuard is not yet complete. You should not rely on this code. It has not undergone proper degrees of security auditing and the protocol is still subject to change. We're working toward a stable 1.0 release, but that time has not yet come.”
In addition, WireGuard deliberately leaves key distribution out of scope. The protocol handles the key exchange itself (each session's keys are derived from the peers' static Curve25519 keys in a Noise-based handshake), but it provides no mechanism for enrolling peers or rotating their static public keys: those have to be placed in each node's configuration by some external means, exactly as with SSH's authorized_keys. That is a problem for commercial VPNs, whose back-ends need to provision and share keys across many servers around the globe securely and efficiently.
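What "authorized_keys-style" authentication and out-of-band key distribution mean in practice is easiest to see in WireGuard's peer table, known as cryptokey routing: each peer is identified solely by its static public key, and that key is bound to the addresses it may use inside the tunnel. The following is an added example written for this page, not WireGuard's own code; it models the table in Python and renders it in wg-quick(8) configuration syntax. The 32-byte keys are constructed placeholders, not real Curve25519 keys, and the `CryptokeyRouter` class and its method names are this example's own.

```python
"""Added example (not WireGuard's own code) of the authorized_keys-style trust
model and cryptokey routing. Each peer is known only by a static public key the
operator provisions out of band; that key is bound to the source addresses it
may use inside the tunnel. Keys here are constructed 32-byte placeholders."""
import base64
import ipaddress
from typing import Dict, List, Optional


class CryptokeyRouter:
    """Peer table keyed by static public key: the analogue of authorized_keys."""

    def __init__(self) -> None:
        self.peers: Dict[bytes, list] = {}   # public key -> [ip_network, ...]

    def add_peer(self, public_key: bytes, allowed_ips: List[str]) -> None:
        """Register a peer. As in wg(8), an AllowedIPs entry assigned to one
        peer is taken away from any other peer that previously held it, so an
        inner address always maps to at most one key."""
        if len(public_key) != 32:
            raise ValueError("static public key must be 32 bytes")
        nets = [ipaddress.ip_network(a, strict=True) for a in allowed_ips]
        for other, other_nets in self.peers.items():
            if other != public_key:
                self.peers[other] = [n for n in other_nets if n not in nets]
        self.peers[public_key] = nets

    def egress_peer(self, dst: str) -> Optional[bytes]:
        """Outbound: the most specific AllowedIPs match chooses the key the
        packet is encrypted to. No match means the packet is dropped, not sent
        in the clear."""
        addr = ipaddress.ip_address(dst)
        best, best_len = None, -1
        for key, nets in self.peers.items():
            for net in nets:
                if addr in net and net.prefixlen > best_len:
                    best, best_len = key, net.prefixlen
        return best

    def accept_ingress(self, sender_key: bytes, inner_src: str) -> bool:
        """Inbound: a packet that decrypted under sender_key is delivered only
        if its inner source address belongs to that key. It is the same table in
        reverse, so one peer cannot spoof another peer's address range."""
        return sender_key in self.peers and self.egress_peer(inner_src) == sender_key

    def to_wg_conf(self, interface_private_key: bytes, address: str) -> str:
        """Render the table in wg-quick(8) syntax. PrivateKey never leaves this
        host; every [Peer] PublicKey line is something the operator must carry
        to the other nodes by an out-of-band channel (SSH, config management)."""
        lines = ["[Interface]",
                 "PrivateKey = " + base64.b64encode(interface_private_key).decode(),
                 "Address = " + address]
        for key, nets in self.peers.items():
            lines += ["", "[Peer]",
                      "PublicKey = " + base64.b64encode(key).decode(),
                      "AllowedIPs = " + ", ".join(str(n) for n in nets)]
        return "\n".join(lines) + "\n"


# Constructed placeholder keys (real ones come from `wg genkey` / `wg pubkey`).
SERVER_PUB = bytes([1]) * 32
LAN_PEER_PUB = bytes([2]) * 32
MY_PRIVATE = bytes([9]) * 32


def example_router() -> CryptokeyRouter:
    """A road-warrior client: default route to the server, one LAN peer direct."""
    r = CryptokeyRouter()
    r.add_peer(SERVER_PUB, ["0.0.0.0/0"])
    r.add_peer(LAN_PEER_PUB, ["10.0.0.0/24"])
    return r


if __name__ == "__main__":
    router = example_router()
    print(router.to_wg_conf(MY_PRIVATE, "10.0.0.1/24"))
    print(router.egress_peer("10.0.0.7") == LAN_PEER_PUB)       # longest prefix wins
    print(router.accept_ingress(LAN_PEER_PUB, "8.8.8.8"))        # spoof attempt: False
```

The ingress check is the property that distinguishes this model from a plain VPN with a shared secret: even a fully authenticated peer can only inject packets bearing source addresses the operator assigned to its key. What the model also makes visible is the gap the quote above points at: nothing in it enrolls a new key or retires an old one. Every `PublicKey` line in the rendered configuration got there because an administrator put it there.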
Despite this, the talk of adding WireGuard to the Linux kernel is exciting and shows the high hopes there are for this novel VPN protocol. For now it is likely to remain a niche tool, used by people willing to set up and manage their own VPN nodes for the extra security it offers.
Emanuel Morgan, CIO at NordVPN, says he finds WireGuard highly interesting but told ProPrivacy.com that commercial VPN providers will need to “wait until it has matured enough” before considering implementing it:
"At the moment too many parts are missing to deploy it at scale and there is no standard way to distribute keys. Without key distribution, WireGuard is less desirable as a commercial VPN application.
"Users need to be sure that they are connecting to a legitimate VPN server, and OpenVPN's server certificates solve this problem in a simple, secure and efficient way."