Whether you are a seasoned veteran in the world of VPNs or a newcomer, there is a chance you have heard of the new VPN protocol, WireGuard. It has the potential to change many things in the industry by bringing faster speeds, better reliability, and new and improved encryption standards. While there is a lot to like, it also has some issues. Below, we explain this new protocol as well as its drawbacks.
What is WireGuard?
Simply put, WireGuard is an experimental VPN protocol that is supposed to offer a simpler, faster, and more secure option than current protocols. There are some major differences between OpenVPN (the industry gold standard) and WireGuard. Let’s take a look at the pros and cons versus the traditional methods.
- Updated encryption techniques – While the industry standard is typically AES-256, the founder of WireGuard felt that this encryption was outdated. Instead, WireGuard uses a number of different methods including ChaCha20, BLAKE2s, Curve25519, SipHash24, and HKDF. Those are allegedly better options, and you can read more about them on the WireGuard website if you wish to.
- Simple and minimal code base – Instead of using around 600,000 lines of code, WireGuard only uses about 3,800 lines of code. That makes it light and manageable.
- Speed increases – One issue that VPNs face is the loss of speed due to the encryption. WG is specifically designed to provide the user with significant improvements in performance, resulting in faster speeds, better battery life, more reliability, better roaming support, and faster connects and reconnects.
- Cross-platform ease – Because WG uses public keys instead of certificates like OpenVPN does, it should work well across all platforms.
- New and untested – Despite the advantages we mentioned, WG has no proven track record. OpenVPN, of course, does. It was originally released in 2001 and has gone through a number of major audits by OSTIF.
- Still in heavy development – Unfortunately, WG is not complete. That does not stop some companies from using it, though, even with the warning from WG itself not to rely on the code.
- Privacy concerns and logs – Even though WG does offer some distinct advantages as far as speed and security go, it fails from the privacy standpoint. By design, it will not work with a “no-log policy.” It simply must use logs to operate correctly.
- Needs its own infrastructure – Because it is so different from OpenVPN and IPSec, it needs to have entirely separate servers. Compatibility issues, key management, distribution, and other issues plague this protocol.
As you can see, while WireGuard has some definite advantages, it is not something that you will want to use or trust anytime soon, at least until they fix the issues with it. That said, there are a number of VPN providers that are testing it for when it is eventually ready. Don’t look for WireGuard to be the primary protocol for reputable VPN companies any time soon.