WireGuard

{{short description|Free and open-source VPN protocol}}

{{Use dmy dates|date=December 2018}}

{{Infobox software

|name=WireGuard

|logo=Logo of WireGuard.svg

|logo alt=The WireGuard logo

|logo caption=

|logo size=200px

|screenshot=

|caption=

|author=Jason A. Donenfeld

|developer=Jason A. Donenfeld

|released={{Start date and age|2015}}{{cite news |first=Yael |last=Grauer |date=2021-01-16 |title=How one hacker's push to secure the internet became a crucial part of Mac, Linux, and Windows operating systems |url=https://www.businessinsider.com/wireguard-jason-a-donenfeld-profile-secure-vpn-linux-mac-windows-2021-1 |work=Business Insider |access-date=2022-11-25}}

| latest release version = {{wikidata|property|preferred|references|edit|P348|P548=Q2804309}} | latest release date = {{Start date and age|{{wikidata|qualifier|preferred|single|P348|P548=Q2804309|P577}}|df=yes}}

|programming language=C (Linux, FreeBSD kernel modules, NetBSD, OpenBSD kernel drivers, Windows kernel drivers), Go (userspace implementation)

|operating system={{Plainlist|

  • Android
  • iOS
  • Linux
  • FreeBSD
  • NetBSD
  • OpenBSD
  • macOS
  • Windows 7+
  • Other{{efn|Not all platforms may have a currently released version and some may be at beta.{{update inline|?=yes|date=March 2021|reason="Some may be" true for any major systems after 2020? Worth even having here?}}}}}}

|language=

|genre=Virtual private network

|license=various free and open-source

|website={{Official URL}}

}}

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs). It aims to be lighter and better performing than IPsec and OpenVPN, two common tunneling protocols.{{Cite book|publisher=Springer|isbn=978-3-319-93387-0|editor-last1=Preneel|editor-first1=Bart|editor-last2=Vercauteren|editor-first2=Frederik|url=https://books.google.com/books?id=UKJfDwAAQBAJ&pg=PA3|title=Applied Cryptography and Network Security|date=11 June 2018|access-date=25 June 2018|archive-url=https://web.archive.org/web/20190218102858/https://books.google.com/books?id=UKJfDwAAQBAJ&pg=PA3|archive-date=18 February 2019|url-status=live|df=dmy-all}} The WireGuard protocol passes traffic over UDP.

In March 2020, the Linux version of the software reached a stable production release and was incorporated into the Linux 5.6 kernel, and backported to earlier Linux kernels in some Linux distributions. The Linux kernel components are licensed under the GNU General Public License (GPL) version 2; other implementations are under GPLv2 or other free/open-source licenses.

== Protocol ==

The WireGuard protocol is a variant of the Noise Protocol Framework IK handshake pattern, as illustrated by the choice of Noise_IKpsk2_25519_ChaChaPoly_BLAKE2s for the value of the Construction string listed on [https://www.wireguard.com/papers/wireguard.pdf p10 of the Whitepaper].

WireGuard uses the following:

In May 2019, researchers from INRIA published a machine-checked proof of the WireGuard protocol, produced using the CryptoVerif proof assistant.{{citation|first1=Benjamin|last1=Lipp|first2=Bruno|last2=Blanchet|first3=Karthikeyan|last3=Bhargavan|title=A Mechanised Cryptographic Proof of the WireGuard Virtual Private Network Protocol|url=https://hal.inria.fr/hal-02100345|date=2019|publisher=Inria|place=Paris|series=Research Report RR-9269|page=49|type=report |id=hal-02100345}}

=== Optional pre-shared symmetric key mode ===

WireGuard supports pre-shared symmetric key mode, which provides an additional layer of symmetric encryption to mitigate future advances in quantum computing. This addresses the risk that traffic may be stored until quantum computers are capable of breaking Curve25519, at which point traffic could be decrypted. Pre-shared keys are "usually troublesome from a key management perspective and might be more likely stolen", but in the shorter term, if the symmetric key is compromised, the Curve25519 keys still provide more than sufficient protection.{{Cite web|last=Donenfeld|first=Jason|date=May 2, 2021|title=WireGuard: Next Generation Kernel Network Tunnel|url=https://www.wireguard.com/papers/wireguard.pdf|website=Wireguard.com}}
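The mixing step described above, as an added example that is not part of this article or of the WireGuard code base: it implements the whitepaper's Hmac/Kdf construction (HMAC with BLAKE2s) using only Python's standard library and runs a condensed key schedule with and without a pre-shared key. The DH outputs are random stand-ins for real Curve25519 results, and the transcript hashing and AEAD steps of the full Noise_IKpsk2 handshake are left out, so the block shows only how the PSK reaches the transport keys and why a later Curve25519 break alone does not yield them.

```python
import hashlib
import hmac
import os

# Constructed example: models only the PSK mixing step of WireGuard's key
# schedule with the whitepaper's Hmac/Kdf construction; not WireGuard code.
CONSTRUCTION = b"Noise_IKpsk2_25519_ChaChaPoly_BLAKE2s"
ZERO_PSK = bytes(32)  # whitepaper: Q is all zeros when no PSK is configured


def wg_hmac(key: bytes, data: bytes) -> bytes:
    """Hmac(key, input) from the whitepaper: HMAC with BLAKE2s-256."""
    return hmac.new(key, data, hashlib.blake2s).digest()


def kdf(key: bytes, data: bytes, n: int) -> list:
    """Kdf_n(key, input): tau0 = Hmac(key, input); tau1 = Hmac(tau0, 0x1);
    tau_i = Hmac(tau0, tau_{i-1} || i).  Returns [tau1, ..., tau_n]."""
    tau0 = wg_hmac(key, data)
    out = [wg_hmac(tau0, b"\x01")]
    for i in range(2, n + 1):
        out.append(wg_hmac(tau0, out[-1] + bytes([i])))
    return out


def mix_dh(chaining_key: bytes, dh_output: bytes) -> bytes:
    """Each Curve25519 DH result is absorbed into the chaining key with Kdf1."""
    return kdf(chaining_key, dh_output, 1)[0]


def mix_psk(chaining_key: bytes, psk: bytes):
    """Handshake-response PSK step: (C, tau, kappa) = Kdf3(C, Q).
    tau is hashed into the transcript H and kappa keys the response AEAD;
    only C goes on to feed the transport keys."""
    c, tau, kappa = kdf(chaining_key, psk, 3)
    return c, tau, kappa


def transport_keys(chaining_key: bytes):
    """After the handshake: (T_send, T_recv) = Kdf2(C, empty string)."""
    t_send, t_recv = kdf(chaining_key, b"", 2)
    return t_send, t_recv


def derive_session(dh_outputs, psk: bytes):
    """Condensed key schedule: start from Hash(Construction), absorb each DH
    output, mix in the PSK, then split off the transport keys.  The real
    handshake interleaves these with transcript hashing and AEAD calls."""
    c = hashlib.blake2s(CONSTRUCTION).digest()
    for dh in dh_outputs:
        c = mix_dh(c, dh)
    c, _tau, _kappa = mix_psk(c, psk)
    return transport_keys(c)


def psk_demo() -> dict:
    """Compare sessions with and without a PSK, given identical DH results.
    The DH outputs are random placeholders, not Curve25519 computations."""
    dh_outputs = [os.urandom(32) for _ in range(4)]  # es, ss, ee, se stand-ins
    psk = os.urandom(32)
    with_psk = derive_session(dh_outputs, psk)
    without_psk = derive_session(dh_outputs, ZERO_PSK)
    # The article's threat model: an adversary who records traffic and later
    # recovers all DH outputs (e.g. by breaking Curve25519) but lacks the PSK.
    recovered_without_psk = derive_session(dh_outputs, ZERO_PSK)
    return {
        "psk_changes_transport_keys": with_psk != without_psk,
        "dh_only_adversary_gets_psk_session": recovered_without_psk == with_psk,
        "dh_only_adversary_gets_no_psk_session": recovered_without_psk == without_psk,
    }


if __name__ == "__main__":
    print(psk_demo())
```

Running `psk_demo()` reports that the PSK changes the transport keys, that an adversary holding every DH output but no PSK still ends up with the wrong keys, and that without a PSK the same adversary recovers the session outright, which is the trade-off the paragraph above describes.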

=== Networking ===

WireGuard uses only UDP, due to the potential disadvantages of TCP-over-TCP.{{cite web | url=http://sites.inka.de/bigred/devel/tcp-tcp.html | title=Why TCP Over TCP Is A Bad Idea | first=Olaf | last=Titz | date=2001-04-23 | access-date=2015-10-17}}{{cite conference | bibcode=2005SPIE.6011..138H | title=Understanding TCP over TCP: effects of TCP tunneling on end-to-end throughput and latency |author1=Honda, Osamu |author2=Ohsaki, Hiroyuki |author3=Imase, Makoto |author4=Ishizuka, Mika |author5=Murayama, Junichi | s2cid=8945952 |book-title=Performance, Quality of Service, and Control of Next-Generation Communication and Sensor Networks III | volume=6011 | date=October 2005 | doi=10.1117/12.630496 | citeseerx=10.1.1.78.5815 | editor1-last=Atiquzzaman | editor1-first=Mohammed | editor2-last=Balandin | editor2-first=Sergey I}} Tunneling TCP over a TCP-based connection is known as "TCP-over-TCP", and doing so can induce a dramatic loss in transmission performance due to the TCP meltdown problem.

Its default server port is UDP 51820.

WireGuard fully supports IPv6, both inside and outside of the tunnel. It supports only layer 3 for both IPv4 and IPv6 and can encapsulate v4-in-v6 and vice versa.{{cite conference|last=Donenfeld|first=Jason A.|title=WireGuard: Next Generation Kernel Network Tunnel|url=https://www.wireguard.com/papers/wireguard.pdf|chapter=Introduction & Motivation|chapter-url=https://www.wireguard.com/papers/wireguard.pdf#section.1|url-status=live|archive-url=https://web.archive.org/web/20180304235745/https://www.wireguard.com/papers/wireguard.pdf|archive-date=4 March 2018}}

==== MTU overhead ====

The overhead of WireGuard breaks down as follows:

  • 20-byte IPv4 header or 40-byte IPv6 header
  • 8-byte UDP header
  • 4-byte type
  • 4-byte key index
  • 8-byte nonce
  • N-byte encrypted data
  • 16-byte authentication tag

==== MTU operational considerations ====

Assuming the underlay network transporting the WireGuard packets maintains a 1500-byte MTU, configuring the WireGuard interface to a 1420-byte MTU for all involved peers is ideal when the tunnel may be transported over either IPv6 or IPv4. However, when exclusively utilizing legacy IPv4 transport, a higher MTU of 1440 bytes for the WireGuard interface suffices.

From an operational perspective and for network configuration uniformity, leaving the default 1420 MTU network-wide for the WireGuard interfaces is advantageous. This approach ensures consistency and facilitates a smoother transition to enabling IPv6 for the WireGuard peers and interfaces in the future.

However, for mobile clients with varying forms of network connectivity and varying MTUs across numerous network connections, an MTU of 1280 can be beneficial: it allows IPv6 transport inside the tunnel, since 1280 is the IPv6 minimum MTU, and lets the WireGuard tunnel function over most forms of connectivity.

It should also be noted that the MTU of the WireGuard interface does not change based on the IP family used inside the tunnel; the IP family used on the outside of the tunnel determines the overhead and thus the maximum MTU for the tunnel. Furthermore, a WireGuard peer that is only accessible via IPv4 may still be contacted by other WireGuard peers that connect over IPv6 and use translation mechanisms, so the IPv6 overhead of 80 bytes must be accounted for.
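A worked calculation of the figures in the two MTU sections above, as an added example that is not the article's or WireGuard's own code: it derives the 60- and 80-byte overheads from the listed header sizes, the resulting 1440 and 1420 interface MTUs, the smallest underlay MTU that still carries a 1280-byte IPv6 packet inside the tunnel, and builds and parses a constructed transport data message to check that a full-size inner packet fits one underlay datagram. Field widths and little-endian byte order follow the whitepaper's transport message layout; the ciphertext and tag bytes are dummies rather than real ChaCha20-Poly1305 output.

```python
import struct

# Constructed example for this article; not WireGuard's own code.  The
# header sizes are the ones listed in the MTU overhead breakdown above.
IPV4_HEADER = 20
IPV6_HEADER = 40
UDP_HEADER = 8
WG_TYPE = 4        # message type (1 byte type + 3 reserved zero bytes)
WG_KEY_INDEX = 4   # receiver key index
WG_NONCE = 8       # 64-bit counter used as the AEAD nonce
WG_TAG = 16        # Poly1305 authentication tag
WG_HEADER = WG_TYPE + WG_KEY_INDEX + WG_NONCE   # 16 bytes before the ciphertext
IPV6_MIN_MTU = 1280                             # IPv6 minimum link MTU
MSG_TRANSPORT_DATA = 4                          # whitepaper message type value


def overhead(outer_family: int) -> int:
    """Bytes wrapped around the inner packet for an IPv4 (60) or IPv6 (80) underlay."""
    ip = {4: IPV4_HEADER, 6: IPV6_HEADER}[outer_family]
    return ip + UDP_HEADER + WG_HEADER + WG_TAG


def interface_mtu(underlay_mtu: int, outer_family: int) -> int:
    """Largest inner packet that still fits one underlay datagram."""
    return underlay_mtu - overhead(outer_family)


def recommended_mtu(underlay_mtu: int = 1500, ipv6_transport_possible: bool = True) -> int:
    """Budget for IPv6 transport unless every peer is known to connect over IPv4 only;
    a peer reachable only via IPv4 may still be contacted over IPv6 via translation."""
    return interface_mtu(underlay_mtu, 6 if ipv6_transport_possible else 4)


def min_underlay_for_inner_ipv6(outer_family: int) -> int:
    """Smallest underlay MTU that still carries a 1280-byte IPv6 packet inside."""
    return IPV6_MIN_MTU + overhead(outer_family)


def build_transport_packet(receiver_index: int, counter: int, ciphertext: bytes, tag: bytes) -> bytes:
    """Lay out a transport data message; integers are little-endian as in the whitepaper."""
    if len(tag) != WG_TAG:
        raise ValueError("tag must be 16 bytes")
    return struct.pack("<IIQ", MSG_TRANSPORT_DATA, receiver_index, counter) + ciphertext + tag


def parse_transport_packet(datagram: bytes) -> dict:
    """Split a UDP payload into its fields without decrypting; rejects
    datagrams too short to hold the header plus tag, or of another type."""
    if len(datagram) < WG_HEADER + WG_TAG:
        raise ValueError("too short for a transport data message")
    msg_type, receiver_index, counter = struct.unpack("<IIQ", datagram[:WG_HEADER])
    if msg_type != MSG_TRANSPORT_DATA:
        raise ValueError("not a transport data message: type %d" % msg_type)
    body = datagram[WG_HEADER:]
    return {
        "receiver_index": receiver_index,
        "counter": counter,
        "ciphertext": body[:-WG_TAG],
        "tag": body[-WG_TAG:],
    }


def fits_underlay(datagram: bytes, underlay_mtu: int, outer_family: int) -> bool:
    """Would this UDP payload fit the underlay once IP and UDP headers are added?"""
    ip = {4: IPV4_HEADER, 6: IPV6_HEADER}[outer_family]
    return ip + UDP_HEADER + len(datagram) <= underlay_mtu


if __name__ == "__main__":
    # Constructed full-size packet: inner length equals the 1420 interface MTU.
    inner = b"\x00" * recommended_mtu()
    pkt = build_transport_packet(receiver_index=1, counter=0, ciphertext=inner, tag=b"\x00" * WG_TAG)
    print(fits_underlay(pkt, 1500, 6), fits_underlay(pkt, 1500, 4))
    print(min_underlay_for_inner_ipv6(6))
```

A 1420-byte inner packet fits a 1500-byte underlay over both families, while a 1440-byte one fits only over IPv4, which is the reason the section above defaults to 1420 unless IPv6 transport can be ruled out; the 1280 choice for mobile clients works down to a 1360-byte IPv6 underlay.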

=== Extensibility ===

WireGuard is designed to be extended by third-party programs and scripts. This has been used to augment WireGuard with various features including more user-friendly management interfaces (including easier setting up of keys), logging, dynamic firewall updates, dynamic IP assignment,{{Citation |title=Wireguard Dynamic IP Configuration Tool |date=2023-05-14 |url=https://github.com/WireGuard/wg-dynamic/blob/20428bc5d6923d1531bf0b2409fe3f9a5538ecd4/docs/idea.md |access-date=2023-05-14 |publisher=WireGuard}} and LDAP integration.{{cn|date=March 2021|}}

Excluding such complex features from the minimal core codebase improves its stability and security. To ensure security, WireGuard restricts the options for implementing cryptographic controls, limits the choices for key exchange processes, and maps algorithms to a small subset of modern cryptographic primitives. If a flaw is found in any of the primitives, a new version can be released that resolves the issue.

== Reception ==

A review by Ars Technica found that WireGuard was easy to set up and use, used strong ciphers, and had a minimal codebase that provided for a small attack surface.

WireGuard has received funding from the Open Technology Fund{{Cite web|title=Building a more secure, accessible and resilient WireGuard VPN protocol.|url=https://www.opentech.fund/results/supported-projects/wireguard/|access-date=2022-06-20|website=www.opentech.fund}} and donations from Jump Trading, Mullvad, Tailscale, Fly.io, and the NLnet Foundation.{{cite web |title=Donations |url=https://www.wireguard.com/donations/ |url-status=live |archive-url=https://web.archive.org/web/20180428012457/https://www.wireguard.com/donations/ |archive-date=28 April 2018 |access-date=28 April 2018 |publisher=WireGuard}}

Oregon senator Ron Wyden has recommended to the National Institute of Standards and Technology (NIST) that they evaluate WireGuard as a replacement for existing technologies.{{cite web|url=https://www.phoronix.com/scan.php?page=news_item&px=WireGuard-Senator-Recommends|title=US Senator Recommends Open-Source WireGuard To NIST For Government VPN|publisher=Phoronix|date=30 June 2018|access-date=5 August 2018|archive-url=https://web.archive.org/web/20180805142858/https://www.phoronix.com/scan.php?page=news_item&px=WireGuard-Senator-Recommends|archive-date=5 August 2018|url-status=live|df=dmy-all}}

== Availability ==

=== Implementations ===

Implementations of the WireGuard protocol include:

  • Donenfeld's initial implementation, written in C and Go.{{Cite web|url=https://www.wireguard.com/#source-code|title=WireGuard: fast, modern, secure VPN tunnel|last=Donenfeld|first=Jason|date=2019-06-07|access-date=2019-06-16}}
  • Cloudflare's BoringTun, a user space implementation written in Rust.{{Cite web|url=https://blog.cloudflare.com/boringtun-userspace-wireguard-rust/|title=BoringTun, a userspace WireGuard implementation in Rust|last=Krasnov|first=Vlad|date=2018-12-18|website=Cloudflare Blog|language=en-US|access-date=2019-03-29|archive-url=https://web.archive.org/web/20190404164726/https://blog.cloudflare.com/boringtun-userspace-wireguard-rust/|archive-date=4 April 2019|url-status=live|df=dmy-all}}{{cite web|title=CloudFlare Launches "BoringTun" As Rust-Written WireGuard User-Space Implementation|url=https://www.phoronix.com/scan.php?page=news_item&px=CloudFlare-BoringTun-WireGuard|website=phoronix.com|access-date=29 March 2019}}
  • Matt Dunwoodie's implementation for OpenBSD, written in C.{{Cite web|url=https://undeadly.org/cgi?action=article;sid=20200622052207|title=WireGuard imported into OpenBSD|last=Johansson|first=Janne|date=2020-06-21}}
  • Ryota Ozaki's wg(4) implementation for NetBSD, written in C.{{Cite web|url=https://man.netbsd.org/wg.4|title=wg(4) - NetBSD Manual Pages|date=2020-08-20}}
  • The FreeBSD implementation is written in C and shares most of the data path with the OpenBSD implementation.
  • Native Windows kernel implementation named "wireguard-nt", since August 2021.{{Cite web|date=2021-08-02|title=WireGuardNT, a high-performance WireGuard implementation for the Windows kernel|url=https://lists.zx2c4.com/pipermail/wireguard/2021-August/006887.html}}
  • AVM Fritz!Box modem-routers running Fritz!OS version 7.39 and later; site-to-site WireGuard connections are permitted from version 7.50 onwards.{{Cite web|url=https://en.avm.de/news/the-latest-news-from-fritz/2022/wireguard-vpn-has-never-been-so-easy|title=WireGuard: VPN has never been so easy}}
  • Vector Packet Processing user space implementation written in C.

== History ==

Early snapshots of the code base exist from 30 June 2016.{{Cite web|url=https://download.wireguard.com/monolithic-historical/|title=Index of /Monolithic-historical/}} The logo is inspired by a stone engraving of the mythological Python that Jason Donenfeld saw while visiting a museum in Delphi.{{cite web| title=How one hacker's push to secure the internet became a crucial part of Mac, Linux, and Windows operating systems |url=https://www.businessinsider.com/wireguard-jason-a-donenfeld-profile-secure-vpn-linux-mac-windows-2021-1 |date=16 Jan 2021 |archive-url= https://archive.today/20210116165445/https://www.businessinsider.com/wireguard-jason-a-donenfeld-profile-secure-vpn-linux-mac-windows-2021-1 |archive-date=16 Jan 2021 |work=Business Insider}}

On 9 December 2019, David Miller – primary maintainer of the Linux networking stack – accepted the WireGuard patches into the "net-next" maintainer tree, for inclusion in an upcoming kernel.{{Cite web|url=https://kernel.googlesource.com/pub/scm/linux/kernel/git/davem/net-next/+/e7096c131e5161fa3b8e52a650d7719d2857adfd|title=e7096c131e5161fa3b8e52a650d7719d2857adfd - pub/scm/linux/kernel/git/davem/net-next - Git at Google|website=kernel.googlesource.com}}{{Cite web|url=https://lkml.org/lkml/2019/12/8/257|title=LKML: David Miller: Re: [PATCH net-next v2] net: WireGuard secure network tunnel|website=lkml.org}}{{Cite web|url=https://lists.zx2c4.com/pipermail/wireguard/2019-December/004704.html|archive-url=https://web.archive.org/web/20200109120322/https://lists.zx2c4.com/pipermail/wireguard/2019-December/004704.html|url-status=dead|archive-date=9 January 2020|title=[ANNOUNCE] WireGuard merged to net-next, on its way to Linux 5.6|date=9 January 2020}}

On 28 January 2020, Linus Torvalds merged David Miller's net-next tree, and WireGuard entered the mainline Linux kernel tree.{{cite web|last1=Torvalds|first1=Linus|title=index : kernel/git/torvalds/linux.git|url=https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bd2463ac7d7ec51d432f23bf0e893fb371a908cd|website=Linux kernel source tree|publisher=Kernel.org|access-date=2 February 2020}}

On 20 March 2020, Debian developers enabled the module build options for WireGuard in their kernel config for the Debian 11 version (testing).{{cite web|url=https://salsa.debian.org/kernel-team/linux/-/commit/9d60411cee4c646fe5006dcd57a1709d0377aaa6|title=drivers/net: Enable WIREGUARD as module|date=21 March 2020}}

On 29 March 2020, WireGuard was incorporated into the Linux 5.6 release tree. The Windows version of the software remains at beta.

On 30 March 2020, Android developers added native kernel support for WireGuard in their Generic Kernel Image.{{cite web|url=https://android.googlesource.com/kernel/common/+/99761f1eac33d14a4b1613ae4b7076f41cb2df94%5E%21|title=ANDROID: GKI: enable CONFIG_WIREGUARD}}

On 22 April 2020, NetworkManager developer Beniamino Galvani merged GUI support for WireGuard in GNOME.{{cite web|title=merge branch 'bg/wireguard' (d321d0df) · Commits · GNOME / network-manager-applet|url=https://gitlab.gnome.org/GNOME/network-manager-applet/-/commit/d321d0dffa4fd872f7b39b8ca108f377cd80a12d|website=gitlab.gnome.org|date=22 April 2020 |access-date=30 May 2020|language=en}}

On 12 May 2020, Matt Dunwoodie proposed patches for native kernel support of WireGuard in OpenBSD.{{cite web|url=https://lists.zx2c4.com/pipermail/wireguard/2020-May/005427.html|title=WireGuard for OpenBSD Kernel Patches Posted|date=12 May 2020}}

On 22 June 2020, after the work of Matt Dunwoodie and Jason A. Donenfeld, WireGuard support was imported into OpenBSD.{{cite web|url=https://marc.info/?l=openbsd-cvs&m=159274150512676|title=add wg(4), an in kernel driver for WireGuard vpn communication}}

On 23 November 2020, Jason A. Donenfeld released an update of the Windows package improving installation, stability, ARM support, and enterprise features.{{cite web|url=https://lists.zx2c4.com/pipermail/wireguard/2020-November/006075.html|title=[ANNOUNCE] WireGuard for Windows 0.3: ARM support, enterprise features, & more|date=23 November 2020}}

On 29 November 2020, WireGuard support was imported into the FreeBSD 13 kernel.

On 19 January 2021, WireGuard support was added for preview in pfSense Community Edition (CE) 2.5.0 development snapshots.

In March 2021, kernel-mode WireGuard support was removed from FreeBSD 13.0, still in testing, after an urgent code cleanup in FreeBSD WireGuard could not be completed quickly.{{cite news|url=https://www.theregister.com/2021/03/23/freebsd_130_no_wireguard/|title=FreeBSD 13.0 to ship without WireGuard support as dev steps in to fix 'grave issues' with initial implementation|first=Tim|last=Anderson|date=2021-03-23|access-date=2021-03-31|work=The Register|publisher=Situation Publishing}} FreeBSD-based pfSense Community Edition (CE) 2.5.0 and pfSense Plus 21.02 removed kernel-based WireGuard as well.{{Cite web|last=Thompson|first=Jim|date=2021-03-18|title=WireGuard Removed from pfSense® CE and pfSense® Plus Software|url=https://www.netgate.com/blog/wireguard-removed-from-pfsense-ce-and-pfsense-plus-software.html|access-date=2021-03-20|website=Netgate blog|language=en|publisher=Rubicon Communications}}

In May 2021, WireGuard support was reintroduced into pfSense CE and pfSense Plus development snapshots as an experimental package written by a member of the pfSense community, Christian McDonald. The WireGuard package for pfSense incorporates the ongoing kernel-mode WireGuard development work by Jason A. Donenfeld that was originally sponsored by Netgate.{{Cite web|last=Long|first=Scott|date=2021-05-05|title=pfSense: WireGuard returns as an Experimental Package|url=https://www.netgate.com/blog/pfsense-wireguard-returns-as-an-experimental-package.html|access-date=2021-06-09|website=Netgate - Secure networks start here.|language=en}}{{Cite web|title=wireguard-freebsd - WireGuard implementation for the FreeBSD kernel|url=https://git.zx2c4.com/wireguard-freebsd/|access-date=2021-06-09|website=git.zx2c4.com}}

In June 2021, the official package repositories for both pfSense CE 2.5.2 and pfSense Plus 21.05 included the WireGuard package.{{Cite web|last=Pingle|first=Jim|date=2021-06-02|title=pfSense Plus 21.05-RELEASE Now Available|url=https://www.netgate.com/blog/pfsense-plus-21-05-release-now-available.html|access-date=2021-06-09|website=Netgate - Secure networks start here.|language=en}}

In 2023, WireGuard received over 200,000 euros in support from Germany's Sovereign Tech Fund.{{Cite web |title=WireGuard |url=https://www.sovereigntechfund.de/tech/wireguard |access-date=2024-05-26 |website=Sovereign Tech Fund |language=en}}

== See also ==

== Notes ==

{{Notelist}}

== References ==

{{reflist|refs=

{{cite web|url=https://arstechnica.com/gadgets/2018/08/wireguard-vpn-review-fast-connections-amaze-but-windows-support-needs-to-happen|title=WireGuard VPN review: A new type of VPN offers serious advantages|website=Ars Technica|first=Jim|last=Salter|date=26 August 2018|url-status=live|archive-url=https://web.archive.org/web/20180920191342/https://arstechnica.com/gadgets/2018/08/wireguard-vpn-review-fast-connections-amaze-but-windows-support-needs-to-happen/|archive-date=20 September 2018}}

{{Cite web|last=Salter|first=Jim|date=30 March 2020|title=WireGuard VPN makes it to 1.0.0—and into the next Linux kernel|url=https://arstechnica.com/gadgets/2020/03/wireguard-vpn-makes-it-to-1-0-0-and-into-the-next-linux-kernel/|url-status=live|access-date=23 April 2020|archive-url=https://web.archive.org/web/20200331182738/https://arstechnica.com/gadgets/2020/03/wireguard-vpn-makes-it-to-1-0-0-and-into-the-next-linux-kernel/|archive-date=31 March 2020}}

{{cite web|url=https://www.wireguard.com/install|title=Installation|publisher=WireGuard|access-date=23 April 2020|df=dmy-all}}

{{cite web|url=https://www.wireguard.com/|title=WireGuard: fast, modern, secure VPN tunnel|publisher=WireGuard|url-status=live|archive-url=https://web.archive.org/web/20180428010439/https://www.wireguard.com/|archive-date=28 April 2018|access-date=2021-03-31}}

{{Cite web |last=Donenfeld |first=Jason A. |title=Protocol & Cryptography - WireGuard |url=https://www.wireguard.com/protocol/ |access-date=2023-05-14 |website=www.wireguard.com |language=en}}

{{cite web|last1=Donenfeld|first1=Jason A.|title=Known Limitations - WireGuard|url=https://www.wireguard.com/known-limitations/|website=www.wireguard.com|access-date=1 June 2020|language=en}}

{{Cite web |last=Donenfeld |first=Jason A. |date=December 11, 2017 |title=[WireGuard] Header / MTU sizes for Wireguard |url=https://lists.zx2c4.com/pipermail/wireguard/2017-December/002201.html |access-date=2024-01-13}}

{{cite web|url=https://svnweb.freebsd.org/base?view=revision&revision=368163|title=Import kernel WireGuard support}}

{{Cite web|last=Paxson|first=Audian|date=2021-01-19|title=WireGuard for pfSense Software|url=https://www.netgate.com/blog/wireguard-for-pfsense-software.html|access-date=2021-06-09|website=Netgate|language=en}}

}}

{{VPN}}

{{Portal bar|Free and open-source software|Linux}}

Category:Free security software

Category:Linux network-related software

Category:Tunneling protocols

Category:Virtual private networks