Which cryptography is used in WireGuard ?
What is WireGuard® ?
WireGuard® is a fast and modern protocol taking the world of VPN connections by storm. Its state-of-the-art cryptography makes it the best alternative for OpenVPN.
Can I use WireGuard® ?
WireGuard can already be implemented depending on your operating system :
- Windows - CyberGhost VPN version 8 users can take full advantage of the new WireGuard® protocol.
- macOS- supports WireGuard®protocol
- Android and iOS - WireGuard® is the default protocol.
- Linux - supports WireGuard®protocol
How is WireGuard® different ?
An important element that makes WireGuard different from other VPN protocols such as OpenVPN, IPSEC, L2TP, and PPTP is the layer at which it works. It supports only layer 3. WireGuard® is widely regarded as the most secure, user-friendly, and simple VPN protocol solution in the industry. WireGuard® offers a number of advantages that outperform other types of VPN protocols :
- Offers faster speeds than OpenVPN
- Boosting performance
- Less memory and CPU resources required than IPsec
- Available on all major operating systems
WireGuard supports IPv4 and IPv6 addresses, as well as the ability to encapsulate IPv4 packets into IPv6 and vice versa. WireGuard uses "crypto-key routing", i.e. each IP address allowed on the VPN is associated with a public key. WireGuard also guarantees the perfect confidentiality of the transmissions.
Which cryptography is used in WireGuard®?
Unlike using AES or SHA for the encryption or hashing, WireGuard® combines a set of newer algorithms. These algorithms are :
- ChaCha20 for symmetric encryption, authenticated with Poly1305, using RFC7539’s AEAD construction
- Curve25519 for ECDH
- BLAKE2s for hashing and keyed hashing, described in RFC7693
- SipHash24 for hashtable keys
- HKDF for key derivation, as described in RFC5869
With WireGuard, all packets are sent over UDP.
A detailed overview can be found on the WireGuard website.
"WireGuard" is a registered trademark of Jason A. Donenfeld.
Comments
0 comments
Article is closed for comments.