Technology Explained

What Is WireGuard? The Future of VPN Technology

Luke James 29-11-2018

VPNs are complex, and with so much choice on the market and all providers claiming their VPN is the best, subscribing to one is a decision that requires much thought.


When you throw in other elements such as price points and device compatibility before you even get to the more technical aspects of choosing a VPN, it’s easy to overlook what is by far one of the most important considerations: protocols and encryption methods used.

Whilst OpenVPN is currently the industry leader, WireGuard looks to be a worthy contender.

What Is WireGuard?

Wireguard VPN
Image Credit: WireGuard /Wikipedia

A VPN protocol The 5 Major VPN Protocols Explained OpenVPN, SSTP, L2TP: what do they all mean? We explain the major VPN protocols so you can choose the best one for your privacy needs. Read More  determines how your data is routed from your computer to a server. Different protocols have different characteristics—i.e. some are more secure than others—and are better for different tasks.

For example, some protocols prioritize security whereas others prioritize speed. When choosing a VPN, it is important to know what you need it for and choose a VPN that has protocols supporting this.


Although there are many widely-used VPN protocols—SSTP, PPTP, and P2TP/IPSec to name a few—there is one newer protocol that stands out above the rest, WireGuard. It is not yet officially released, but it is set to be the key protocol for the future of VPNs.

Introducing WireGuard, the New VPN Technology

It has been lauded as the next-generation in secure VPN tunneling. As an open-source protocol, WireGuard is a secure network tunnel on the network layer—the third layer on the OSI model of computer networking—for IPv4 and IPv6.

Using modern cryptographic protocols, WireGuard is ultra-secure and is very quickly gaining traction. It is very popular with developers particularly. Initially released for Linux, it is now compatible with multiple platforms and provides some of the strongest encryption that has ever been seen.

What Makes WireGuard Different?

Created by Jason Donenfeld, a cybersecurity expert and founder of Edge Security, WireGuard stems from his own root kit exfiltration methods that he used to stay inside networks for extended periods of time without being noticed.


When compared to other popular VPN protocols, it is clear to see just how WireGuard blows them out of the water.

1. It Is Much Smaller

The codebases for other popular protocols such as OpenVPN and IPSec are huge, running to hundreds and thousands of lines of code. This is problematic because it makes finding and troubleshooting bugs and vulnerabilities difficult. Today, bugs and vulnerabilities are still being found in other VPN protocols because their codebases are extremely vast.

In contrast, WireGuard’s code is simple and weighs in at around 4,000 lines of code whereas OpenVPN has close to 100,000 lines. Oh, and OpenVPN also requires OpenSSL which adds on something in the region of 500,000 lines.

Fewer lines of code also means fewer crashes and hangs. Plus, the increased throughput means that it is much better for gaming, video streaming Which VPNs Still Work With Netflix? Netflix is cracking down on VPNs, but there are a few that still work. Here are the best VPNs to use with Netflix. Read More , and other data-intensive tasks.


2. WireGuard Is Simpler to Use

In a world that is constantly becoming more reliant on mobile devices The 5 Best VPNs for Android Need a VPN for your Android device? Here are the best Android VPNs and how to get started with them. Read More and the growing concerns regarding privacy and censorship 8 Instances You Weren't Using a VPN but Should've Been: The VPN Checklist If you haven't already considered subscribing to a VPN to secure your privacy, now is the time. Read More , VPN providers now must cater to everybody. VPNs are no longer just for the tech-savvy, they are being used by corporations, technically-challenged users, and casual gamers across all devices.

At the same time, VPN protocols used in most VPN products rely on complex tunneling protocols such as OpenVPN and IPSec. Not only can they be complex and slow to run due to the huge amount of code, but they are also difficult to secure.

WireGuard, however, is small, lightweight, easy to implement on all devices, and operates in ‘stealth mode’, not transmitting data unless it is actually transmitting data.

3. It Has Next-Level Encryption

WireGuard uses a process known as ‘cryptokey routing’ to protect users’ data. It works by coupling together public encryption keys with authorized VPN tunnel IP addresses.


WireGuard also deliberately avoids using so-called “industry standard” algorithms with inherent weaknesses in favor of the latest and toughest options. These include:

  • ChaCha20 authenticated with Poly13045
  • Curve25519
  • HKDF
  • Blake2s
  • SipHash24

The combination of no configuration options alongside relatively short 256-bit encryption keys has concerned some people, especially given that OpenVPN offers 4,906-bit RSA. When you do the math, though, 4,096-bit key is ridiculously unnecessary.

With 256-bit you need to work through 2256 combinations before cracking it. Considering that most problem sets uncover solutions halfway through, that leaves a whopping 2255 possible failures.

What’s Next for WireGuard?

At the moment, WireGuard is still very, very new. So much so that it is, strictly speaking, unproven. Whilst it has undergone some formal verification for its cryptography, it cannot yet officially be considered secure. At this moment in time, WireGuard is not a real challenger to OpenVPN.

WireGuard’s developers have even gone so far as to say that it is presently an incomplete protocol. You shouldn’t rely on it yet unless, of course, you are using it for testing purposes.

Until it undergoes a proper security audit and is officially released, its safety cannot be guaranteed. The WireGuard team are working towards a stable release, however, but there has been no word of a date.

High Hopes for the New VPN Protocol WireGuard

The current range of robust VPN protocols such as OpenVPN is great. They are fast, secure, and widely accessible. How long they can remain suitable, particularly as tech gets smarter and more people head online, is unknown.

While demand for a lightweight and simple protocol is currently low, this is likely to change over time. It is solutions such as WireGuard that will become the next “industry standard” for VPNs.

This gives WireGuard plenty of time to be developed further. At present, there are key elements missing, such as key distribution and non-handling of key exchange. These shortcomings are under continual development, however, which should eventually make WireGuard more attractive to commercial VPN providers.

But with the long-term future of VPN software 7 Reasons Why VPNs Might Die Out by 2020 VPNs keep you secure at all times, right? Wrong! Here are 7 worrying reasons VPNs might die out before 2020 -- taking your privacy with them. Read More doubtful, WireGuard could be the basis for the next generation VPN software.

Related topics: OpenVPN, VPN, WireGuard.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. gazoo
    November 30, 2018 at 8:06 am

    Thanks for the introduction to WireGuard! I'm much more at ease since I switched to Linux a few years back (no longer fighting an OS that's weaponized against me) but VPN is a requirement on any OS I use.

    Can't wait to see how this developes and how quickly it's incorporated by some of the better VPN providers.

  2. Mike Walsh
    November 29, 2018 at 4:56 pm

    Best way round all this is simply to operate your own, personal 'supernode'.