WireGuard

From HandWiki

Original author(s): Jason A. Donenfeld
Developer(s): Jason A. Donenfeld
Initial release: 2015[1]
Written in: C (Linux, FreeBSD kernel modules, NetBSD, OpenBSD kernel drivers, Windows kernel drivers), Go (userspace implementation)
Type: Virtual private network
License: various free and open-source

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs).[4] It aims to be lighter and better performing than IPsec and OpenVPN, two common tunneling protocols.[5] The WireGuard protocol passes traffic over UDP.[6]

In March 2020, the Linux version of the software reached a stable production release and was incorporated into the Linux 5.6 kernel, and backported to earlier Linux kernels in some Linux distributions.[3] The Linux kernel components are licensed under the GNU General Public License (GPL) version 2; other implementations are under GPLv2 or other free/open-source licenses.[4]

Protocol

The WireGuard protocol is a variant of the Noise Protocol Framework IK handshake pattern, as illustrated by the choice of Noise_IKpsk2_25519_ChaChaPoly_BLAKE2s as the value of the Construction string listed on page 10 of the whitepaper.[7]

The key exchange, or handshake, combines long-term and ephemeral Diffie-Hellman values using Curve25519.[8] Each peer generates a Curve25519 public/private key pair; the public keys are exchanged, and each peer is then assigned an IP address (generally from an RFC 1918 range) to use inside the WireGuard tunnel.[9] Once the keys have been confirmed by both peers, the Noise protocol is used to derive a shared ChaCha20 session key for symmetric encryption, authenticated with Poly1305.[9] SipHash24 is used for hashtable keys, while the BLAKE2s cryptographic hash function, a faster and more compact version of SHA-3, is used for hashing.[10][11] Key derivation is handled using HKDF; private keys, public keys and preshared keys are Base64-encoded.[10]

In May 2019, researchers from INRIA published a machine-checked proof of the WireGuard protocol, produced using the CryptoVerif proof assistant.[13] The proof starts by modeling WireGuard's two-message Noise-based handshake (plus the optional PSK) in CryptoVerif's calculus of cryptographic games, abstracting ChaCha20-Poly1305, Curve25519, HKDF, the hash chain and related primitives under standard IND-CPA/INT-CTXT and random-oracle assumptions.[12] From that model, CryptoVerif's automated game hops show, across an unlimited number of parallel sessions, that the protocol guarantees mutual authentication, IND-CCA session-key secrecy, forward secrecy and post-compromise security, even if long-term keys later leak and state is wiped.[12]

Optional pre-shared symmetric key mode

WireGuard supports pre-shared symmetric key mode, which provides an additional layer of symmetric encryption to mitigate future advances in quantum computing. This addresses the risk that traffic may be stored until quantum computers are capable of breaking Curve25519, at which point traffic could be decrypted. Pre-shared keys are "usually troublesome from a key management perspective and might be more likely stolen", but in the shorter term, if the symmetric key is compromised, the Curve25519 keys still provide more than sufficient protection.[14]
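As an added illustration (not code from the WireGuard project), the following Python sketches the Kdf_n construction the whitepaper describes for the key derivation mentioned in the Protocol section: HKDF built from HMAC-BLAKE2s, used both to derive the transport keys at the end of the handshake and, in the optional mode above, to mix the pre-shared key into the chaining key. The Base64 decoding helper, the sample keys and the function names are this example's own assumptions.

```python
import base64
import hashlib
import hmac

# Hypothetical example, not WireGuard project code. Kdf_n(key, input) as
# described in the WireGuard whitepaper: HKDF built from HMAC-BLAKE2s, with
# 32-byte outputs chained as T_i = HMAC(tau0, T_{i-1} || i).

KEY_LEN = 32  # BLAKE2s digest length; also the length of every WireGuard key


def wg_hmac(key: bytes, data: bytes) -> bytes:
    """HMAC with BLAKE2s (32-byte digest), the MAC underlying WireGuard's KDF."""
    return hmac.new(key, data, hashlib.blake2s).digest()


def kdf(key: bytes, ikm: bytes, n: int) -> list[bytes]:
    """Kdf_n(key, input): one HKDF extract followed by n chained expand steps.
    The protocol uses n = 1, 2 or 3."""
    if not 1 <= n <= 3:
        raise ValueError("WireGuard only uses Kdf1, Kdf2 and Kdf3")
    tau0 = wg_hmac(key, ikm)          # extract step
    outputs: list[bytes] = []
    prev = b""
    for i in range(1, n + 1):
        prev = wg_hmac(tau0, prev + bytes([i]))   # expand step i
        outputs.append(prev)
    return outputs


def decode_key(b64: str) -> bytes:
    """Decode a Base64 WireGuard key (private, public or preshared) and check its length."""
    raw = base64.b64decode(b64, validate=True)
    if len(raw) != KEY_LEN:
        raise ValueError(f"expected a {KEY_LEN}-byte key, got {len(raw)} bytes")
    return raw


def mix_psk(chaining_key: bytes, psk: bytes) -> tuple[bytes, bytes, bytes]:
    """Pre-shared key step of the IKpsk2 handshake: (C, tau, k) = Kdf3(C, Q).
    When no PSK is configured, Q is 32 zero bytes and the step still runs."""
    c, tau, k = kdf(chaining_key, psk, 3)
    return c, tau, k


def derive_transport_keys(chaining_key: bytes) -> tuple[bytes, bytes]:
    """End of handshake: the initiator's (T_send, T_recv) = Kdf2(C, empty)."""
    t_send, t_recv = kdf(chaining_key, b"", 2)
    return t_send, t_recv


# Constructed sample values (placeholders, not real keys).
SAMPLE_CHAIN = bytes(KEY_LEN)
SAMPLE_PSK_B64 = base64.b64encode(bytes(range(KEY_LEN))).decode()

if __name__ == "__main__":
    psk = decode_key(SAMPLE_PSK_B64)
    c, tau, k = mix_psk(SAMPLE_CHAIN, psk)
    t_send, t_recv = derive_transport_keys(c)
    print("transport keys differ:", t_send != t_recv)
```

With a PSK of all zeros the derivation still completes, so a missing PSK changes the derived keys but not the protocol flow.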

Networking

WireGuard uses only[6] UDP,[4] due to the potential disadvantages of TCP-over-TCP.[6][15][16] Tunneling TCP over a TCP-based connection is known as "TCP-over-TCP", and doing so can induce a dramatic loss in transmission performance due to the TCP meltdown problem.[17]

Its default server port is UDP 51820.[18]

WireGuard fully supports IPv6, both inside and outside of the tunnel. It supports only layer 3 for both IPv4 and IPv6 and can encapsulate v4-in-v6 and vice versa.[19]

MTU overhead

The overhead of WireGuard breaks down as follows:[20]

  • 20-byte IPv4 header or 40-byte IPv6 header
  • 8-byte UDP header
  • 4-byte type
  • 4-byte key index
  • 8-byte nonce
  • N-byte encrypted data
  • 16-byte authentication tag

MTU operational considerations

Assuming the underlay network transporting the WireGuard packets maintains a 1500-byte MTU, configuring the WireGuard interface with a 1420-byte MTU on all involved peers is ideal when the tunnel may be transported over either IPv6 or IPv4. When exclusively using legacy IPv4 transport, however, a higher MTU of 1440 bytes for the WireGuard interface suffices.[20]

From an operational perspective and for network configuration uniformity, leaving the default 1420 byte MTU network-wide for the WireGuard interfaces would be advantageous.[21] This approach ensures consistency and facilitates a smoother transition to enabling IPv6 for the WireGuard peers and interfaces in the future.

However, for mobile clients with varying forms of network connectivity and varying MTUs across numerous network connections, an MTU of 1280 can be beneficial: it still allows IPv6 transport inside the tunnel, as 1280 is the minimum MTU IPv6 permits, and lets the WireGuard tunnel function over most forms of connectivity.[22] Hosts often avoid sending packets larger than 1280 bytes because of the unreliability of PMTUD.[23]

The MTU of a WireGuard interface is determined by the encapsulating, or outer, IP protocol—not the IP version carried inside the tunnel. When WireGuard packets are transported over IPv4, the outer-header overhead is 60 bytes (20-byte IPv4 header, 8-byte UDP header, and 32-byte WireGuard header). When transported over IPv6, the outer-header overhead rises to 80 bytes.[24] This distinction means that even if a peer is reachable only via IPv4, other peers in the same mesh may connect over IPv6 or through translation mechanisms. Translation increases header size and enforces IPv6’s 1280-byte minimum path MTU, requiring that implementers budget for the 80-byte IPv6 overhead when setting a consistent interface MTU.[25][26]
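Added example (not code from the WireGuard project or from the cited mailing-list post): a Python calculation of the per-packet overhead listed above and of the interface MTU it leaves for each outer IP version, including the 1280-byte floor when IPv6 is carried inside the tunnel. The transport-data header packing uses the little-endian message type value 4 that WireGuard assigns to transport data; the function names and sample sizes are this example's own.

```python
import struct

# Hypothetical example, not WireGuard project code. Sizes follow the
# overhead breakdown in this article: outer IP header, UDP header, then the
# WireGuard transport message (type, receiver index, counter, data, tag).

IPV4_HEADER = 20
IPV6_HEADER = 40
UDP_HEADER = 8
WG_TYPE = 4          # 4-byte message type field
WG_KEY_INDEX = 4     # 4-byte receiver key index
WG_NONCE = 8         # 8-byte counter used as the AEAD nonce
WG_TAG = 16          # 16-byte Poly1305 authentication tag
WG_HEADER = WG_TYPE + WG_KEY_INDEX + WG_NONCE + WG_TAG   # 32 bytes
IPV6_MIN_MTU = 1280  # RFC 8200 minimum link MTU for IPv6

MSG_TRANSPORT_DATA = 4   # WireGuard message type value for transport data


def outer_overhead(outer_ip_version: int) -> int:
    """Bytes added around the inner packet for the given outer IP version."""
    if outer_ip_version == 4:
        return IPV4_HEADER + UDP_HEADER + WG_HEADER   # 60
    if outer_ip_version == 6:
        return IPV6_HEADER + UDP_HEADER + WG_HEADER   # 80
    raise ValueError("outer IP version must be 4 or 6")


def interface_mtu(underlay_mtu: int, outer_ip_version: int) -> int:
    """Largest inner packet that fits one underlay frame without fragmentation."""
    return underlay_mtu - outer_overhead(outer_ip_version)


def outer_packet_size(inner_len: int, outer_ip_version: int) -> int:
    """On-the-wire size of a tunnelled packet carrying inner_len bytes."""
    return inner_len + outer_overhead(outer_ip_version)


def plan_mtu(underlay_mtu: int, outer_versions: tuple[int, ...], inner_ipv6: bool) -> int:
    """Pick one interface MTU that is safe over every listed outer IP version.
    Refuses values below 1280 when IPv6 is carried inside the tunnel."""
    mtu = min(interface_mtu(underlay_mtu, v) for v in outer_versions)
    if inner_ipv6 and mtu < IPV6_MIN_MTU:
        raise ValueError(f"interface MTU {mtu} is below the IPv6 minimum of {IPV6_MIN_MTU}")
    return mtu


def transport_header(receiver_index: int, counter: int) -> bytes:
    """Pack the 16 header bytes that precede the encrypted data: little-endian
    32-bit type, 32-bit receiver index and 64-bit counter. The tag follows the data."""
    return struct.pack("<IIQ", MSG_TRANSPORT_DATA, receiver_index, counter)


if __name__ == "__main__":
    for version in (4, 6):
        print(f"outer IPv{version}: overhead {outer_overhead(version)} bytes,"
              f" interface MTU {interface_mtu(1500, version)} on a 1500-byte underlay")
    print("mixed IPv4/IPv6 mesh, IPv6 inside:", plan_mtu(1500, (4, 6), inner_ipv6=True))
```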

Extensibility

WireGuard is designed to be extended by third-party programs and scripts.[27] This has been used to augment WireGuard with various features, including more user-friendly management interfaces (including easier key setup), logging, dynamic firewall updates, dynamic IP assignment[28] and LDAP integration.[29] It is natively supported by a number of commercial VPN services, such as IPVanish and TunnelBear.[30][31]

Excluding such complex features from the minimal core codebase improves its stability and security. For ensuring security, WireGuard restricts the options for implementing cryptographic controls, limits the choices for key exchange processes, and maps algorithms[10] to a small subset of modern cryptographic primitives. If a flaw is found in any of the primitives, a new version can be released that resolves the issue.

Reception

A review by Ars Technica found that WireGuard was easy to set up and use, used strong ciphers, and had a minimal codebase that provided for a small attack surface.[32] The review included a quote from Linus Torvalds who stated:

"Can I just once again state my love for [WireGuard] and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art."[32]

A 2024 report concluded that WireGuard had potential as a lightweight yet robust solution for Internet of things security.[33]

WireGuard has received funding from the Open Technology Fund[34] and donations from Jump Trading, Mullvad, Tailscale, Fly.io, and the NLnet Foundation.[35]

Oregon senator Ron Wyden has recommended to the National Institute of Standards and Technology (NIST) that they evaluate WireGuard as a replacement for existing technologies.[36]

Availability

Implementations

Implementations of the WireGuard protocol include:

  • Donenfeld's initial implementation, written in C and Go.[37]
  • Cloudflare's BoringTun, a user space implementation written in Rust.[38][39]
  • Matt Dunwoodie's implementation for OpenBSD, written in C.[40]
  • Ryota Ozaki's wg(4) implementation for NetBSD, written in C.[41]
  • The FreeBSD implementation is written in C and shares most of the data path with the OpenBSD implementation.[42]
  • Native Windows kernel implementation named "wireguard-nt", since August 2021.[43]
  • AVM Fritz!Box modem-routers running Fritz!OS version 7.39 and later; site-to-site WireGuard connections are permitted from version 7.50 onwards.[44]
  • Vector Packet Processing user space implementation written in C.[45]

History

Early snapshots of the code base exist from 30 June 2016.[46] The logo is inspired by a stone engraving of the mythological Python that Jason Donenfeld saw while visiting a museum in Delphi.[47]

On 9 December 2019, David Miller – primary maintainer of the Linux networking stack – accepted the WireGuard patches into the "net-next" maintainer tree, for inclusion in an upcoming kernel.[48][49][50]

On 28 January 2020, Linus Torvalds merged David Miller's net-next tree, and WireGuard entered the mainline Linux kernel tree.[51]

On 20 March 2020, Debian developers enabled the module build options for WireGuard in their kernel config for the Debian 11 version (testing).[52]

On 29 March 2020 WireGuard was incorporated into the Linux 5.6 release tree. The Windows version of the software remains at beta.[4][3] This led to Android developers adding native kernel support for WireGuard in their Generic Kernel Image on 30 March 2020.[53]

On 22 April 2020, NetworkManager developer Beniamino Galvani merged GUI support for WireGuard in GNOME.[54][55]

On 12 May 2020, Matt Dunwoodie proposed patches for native kernel support of WireGuard in OpenBSD.[56] On 22 June 2020, after the work of Matt Dunwoodie and Jason A. Donenfeld, WireGuard support was imported into OpenBSD.[57]

On 23 November 2020, Jason A. Donenfeld released an update of the Windows package improving installation, stability, ARM support, and enterprise features.[58]

On 29 November 2020, WireGuard support was imported into the FreeBSD 13 kernel.[42]

On 19 January 2021, WireGuard support was added for preview in pfSense Community Edition (CE) 2.5.0 development snapshots.[59]

In March 2021, kernel-mode WireGuard support was removed from FreeBSD 13.0, still in testing, after an urgent code cleanup in FreeBSD WireGuard could not be completed quickly.[60] FreeBSD-based pfSense Community Edition (CE) 2.5.0 and pfSense Plus 21.02 removed kernel-based WireGuard as well.[61]

In May 2021, WireGuard support was re-introduced back into pfSense CE and pfSense Plus development snapshots as an experimental package written by a member of the pfSense community, Christian McDonald. The WireGuard package for pfSense incorporates the ongoing kernel-mode WireGuard development work by Jason A. Donenfeld that was originally sponsored by Netgate.[62][59][63]

In June 2021, the official package repositories for both pfSense CE 2.5.2 and pfSense Plus 21.05 included the WireGuard package.[64]

In 2023, WireGuard received over 209,000€ support from Germany's Sovereign Tech Fund.[65]

In June 2025, IPFire added support for WireGuard using the Linux kernel implementation.[66]

Notes

  1. Not all platforms may have a currently released version, and some may be at beta.

References

  1. Grauer, Yael (2021-01-16). "How one hacker's push to secure the internet became a crucial part of Mac, Linux, and Windows operating systems". Business Insider. https://www.businessinsider.com/wireguard-jason-a-donenfeld-profile-secure-vpn-linux-mac-windows-2021-1. 
  2. "Installation". WireGuard. https://www.wireguard.com/install. 
  3. 3.0 3.1 3.2 Salter, Jim (30 March 2020). "WireGuard VPN makes it to 1.0.0—and into the next Linux kernel". https://arstechnica.com/gadgets/2020/03/wireguard-vpn-makes-it-to-1-0-0-and-into-the-next-linux-kernel/. 
  4. 4.0 4.1 4.2 4.3 "WireGuard: fast, modern, secure VPN tunnel". WireGuard. https://www.wireguard.com/. 
  5. Applied Cryptography and Network Security. Springer. 11 June 2018. ISBN 978-3-319-93387-0. https://books.google.com/books?id=UKJfDwAAQBAJ&pg=PA3. Retrieved 25 June 2018. 
  6. 6.0 6.1 6.2 Donenfeld, Jason A. "Known Limitations - WireGuard" (in en). https://www.wireguard.com/known-limitations/. 
  7. Kobeissi, Nadim (August 23, 2018). "Noise Explorer: Fully Automated Modeling and Verification for Arbitrary Noise Protocols". French Institute for Research in Computer Science and Automation. https://www.wireguard.com/papers/kobeissi-bhargavan-noise-explorer-2018.pdf. 
  8. Dowling, Benjamin; Paterson, Kenneth (2018-01-23). A Cryptographic Analysis of the WireGuard Protocol. Royal Holloway, University of London. https://pure.royalholloway.ac.uk/ws/portalfiles/portal/30842283/main.pdf. 
  9. 9.0 9.1 Master, Alexander (2021-07-28), "A WireGuard Exploration", CERIAS Technical Reports (Purdue University), https://docs.lib.purdue.edu/cgi/viewcontent.cgi?article=1000&context=ceriastr 
  10. 10.0 10.1 10.2 Donenfeld, Jason A. "Protocol & Cryptography - WireGuard" (in en). https://www.wireguard.com/protocol/. 
  11. Tibouchi, Mehdi (2023). Applied Cryptography and Network Security: 21st International Conference, ACNS 2023, Kyoto, Japan, June 19-22, 2023, Proceedings, Part I. Lecture Notes in Computer Science Series. XiaoFeng Wang (1st ed.). Cham: Springer. pp. 120–135. ISBN 978-3-031-33487-0. 
  12. 12.0 12.1 Medley, Liam; Loe, Angelique Faye; Quaglia, Elizabeth A. (2023). "SoK: Delay-Based Cryptography". 2023 IEEE 36th Computer Security Foundations Symposium (CSF). IEEE. pp. 169–183. doi:10.1109/csf57540.2023.00028. ISBN 979-8-3503-2192-0. https://doi.org/10.1109/csf57540.2023.00028. 
  13. Lipp, Benjamin; Blanchet, Bruno; Bhargavan, Karthikeyan (2019), A Mechanised Cryptographic Proof of the WireGuard Virtual Private Network Protocol, Research Report RR-9269, Paris: Inria, p. 49, hal-02100345, https://hal.inria.fr/hal-02100345 
  14. Donenfeld, Jason (May 2, 2021). "WireGuard: Next Generation Kernel Network Tunnel". https://www.wireguard.com/papers/wireguard.pdf. 
  15. Titz, Olaf (2001-04-23). "Why TCP Over TCP Is A Bad Idea". http://sites.inka.de/bigred/devel/tcp-tcp.html. 
  16. Honda, Osamu; Ohsaki, Hiroyuki; Imase, Makoto; Ishizuka, Mika; Murayama, Junichi (October 2005). "Understanding TCP over TCP: effects of TCP tunneling on end-to-end throughput and latency". In Atiquzzaman, Mohammed; Balandin, Sergey I. (eds.), vol. 6011. doi:10.1117/12.630496. Bibcode: 2005SPIE.6011..138H. 
  17. Honda, Osamu; Ohsaki, Hiroyuki; Imase, Makoto; Mika, Ishizuka; Murayama, Junichi. "Understanding TCP over TCP: Effects of TCP Tunneling on End-to-End Throughput and Latency". https://lsnl.jp/~ohsaki/papers/Honda05_ITCom.pdf. 
  18. Pavan, Gunda (2020). "Performance evaluation of wireguard in kubernetes cluster.". Blekinge Institute of Technology. https://www.diva-portal.org/smash/get/diva2:1533988/FULLTEXT03.pdf. 
  19. Donenfeld, Jason A. "WireGuard: Next Generation Kernel Network Tunnel". https://www.wireguard.com/papers/wireguard.pdf. 
  20. 20.0 20.1 Donenfeld, Jason A. (December 11, 2017). "[WireGuard] Header / MTU sizes for Wireguard". https://lists.zx2c4.com/pipermail/wireguard/2017-December/002201.html. 
  21. Goethals, Tom. "Warrens: Decentralized Connectionless Tunnels for Edge Container Networks". https://repository.essex.ac.uk/38705/1/Accepted_Manuscript.pdf. 
  22. Shannon, Colleen; Moore, David; Claffy, K. C. (2002-12-01). "Beyond folklore: observations on fragmented traffic". IEEE/ACM Trans. Netw. 10 (6): 709–720. doi:10.1109/TNET.2002.805028. ISSN 1063-6692. Bibcode: 2002ITNet..10..709S. https://dl.acm.org/doi/abs/10.1109/TNET.2002.805028. 
  23. Bonica, Ron; Kamite, Yuji; Alston, Anew; Henriques, Daniam; Jalil, Luay (2024). The IPv6 Compact Routing Header (CRH) (Report). Internet Engineering Task Force. https://datatracker.ietf.org/doc/rfc9631/. 
  24. Wu, Peter (June 17, 2019). "Analysis of the WireGuard protocol". Eindhoven University of Technology Department of Mathematics and Computer Science. https://pure.tue.nl/ws/portalfiles/portal/130180306/Peter.Wu_Wireguard_thesis_final.pdf. 
  25. Lam, Vincent. "IPv6/IPv4 Protocol Translation in SPIN". University of Washington. https://research.cs.washington.edu/networking/napt/reports/vkl-prottrans.pdf. 
  26. Bao, C.; Li, X.; Baker, F.; Anderson, T.; Gont, F. (2016). RFC 7915: IP/ICMP Translation Algorithm. USA: RFC Editor. doi:10.17487/rfc7915. https://dl.acm.org/doi/10.17487/RFC7915. 
  27. Ramezanpour, Reza (2021-08-31). "Calico integration with WireGuard using kOps" (in en-US). http://thenewstack.io/calico-integration-with-wireguard-using-kops/. 
  28. Wireguard Dynamic IP Configuration Tool, WireGuard, 2023-05-14, https://github.com/WireGuard/wg-dynamic/blob/20428bc5d6923d1531bf0b2409fe3f9a5538ecd4/docs/idea.md, retrieved 2023-05-14 
  29. WireGuard Portal – LDAP Usage, WireGuard Portal Project, https://wgportal.org/master/documentation/usage/ldap/, retrieved 2025-08-07 
  30. "IPVanish review: A U.S.-based VPN with unlimited connections" (in en). https://www.pcworld.com/article/407502/ipvanish-vpn-review.html. 
  31. Eddy, Max (2024-06-04). "The Best VPN Service" (in en-US). The New York Times. ISSN 0362-4331. https://www.nytimes.com/wirecutter/reviews/best-vpn-service/. 
  32. 32.0 32.1 Salter, Jim (2018-08-26). "WireGuard VPN review: A new type of VPN offers serious advantages" (in en). https://arstechnica.com/gadgets/2018/08/wireguard-vpn-review-fast-connections-amaze-but-windows-support-needs-to-happen/. 
  33. Jumakhan, Haseebullah; Mirzaeinia, Amir (2024), Wireguard: An Efficient Solution for Securing IoT Device Connectivity, CSCI-RTMC 
  34. "Building a more secure, accessible and resilient WireGuard VPN protocol.". 4 January 2022. https://www.opentech.fund/results/supported-projects/wireguard/. 
  35. "Donations". WireGuard. https://www.wireguard.com/donations/. 
  36. "US Senator Recommends Open-Source WireGuard To NIST For Government VPN". Phoronix. 30 June 2018. https://www.phoronix.com/scan.php?page=news_item&px=WireGuard-Senator-Recommends. 
  37. Donenfeld, Jason (2019-06-07). "WireGuard: fast, modern, secure VPN tunnel". https://www.wireguard.com/#source-code. 
  38. Krasnov, Vlad (2018-12-18). "BoringTun, a userspace WireGuard implementation in Rust" (in en-US). https://blog.cloudflare.com/boringtun-userspace-wireguard-rust/. 
  39. "CloudFlare Launches "BoringTun" As Rust-Written WireGuard User-Space Implementation". https://www.phoronix.com/scan.php?page=news_item&px=CloudFlare-BoringTun-WireGuard. 
  40. Johansson, Janne (2020-06-21). "WireGuard imported into OpenBSD". https://undeadly.org/cgi?action=article;sid=20200622052207. 
  41. "wg(4) - NetBSD Manual Pages". 2020-08-20. https://man.netbsd.org/wg.4. 
  42. 42.0 42.1 "Import kernel WireGuard support". https://svnweb.freebsd.org/base?view=revision&revision=368163. 
  43. "WireGuardNT, a high-performance WireGuard implementation for the Windows kernel". 2021-08-02. https://lists.zx2c4.com/pipermail/wireguard/2021-August/006887.html. 
  44. "WireGuard: VPN has never been so easy". https://en.avm.de/news/the-latest-news-from-fritz/2022/wireguard-vpn-has-never-been-so-easy. 
  45. "FD.io VPP: src/plugins/wireguard/wireguard.c File Reference". https://s3-docs.fd.io/vpp/21.06.0/d2/dd3/wireguard_8c.html. 
  46. "Index of /Monolithic-historical/". https://download.wireguard.com/monolithic-historical/. 
  47. "How one hacker's push to secure the internet became a crucial part of Mac, Linux, and Windows operating systems". Business Insider. 16 Jan 2021. https://www.businessinsider.com/wireguard-jason-a-donenfeld-profile-secure-vpn-linux-mac-windows-2021-1. 
  48. "e7096c131e5161fa3b8e52a650d7719d2857adfd - pub/scm/linux/kernel/git/davem/net-next - Git at Google". https://kernel.googlesource.com/pub/scm/linux/kernel/git/davem/net-next/+/e7096c131e5161fa3b8e52a650d7719d2857adfd. 
  49. "LKML: David Miller: Re: [PATCH net-next v2] net: WireGuard secure network tunnel". https://lkml.org/lkml/2019/12/8/257. 
  50. "[ANNOUNCE] WireGuard merged to net-next, on its way to Linux 5.6". 9 January 2020. https://lists.zx2c4.com/pipermail/wireguard/2019-December/004704.html. 
  51. Torvalds, Linus. "index : kernel/git/torvalds/linux.git". Kernel.org. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bd2463ac7d7ec51d432f23bf0e893fb371a908cd. 
  52. "drivers/net: Enable WIREGUARD as module". 21 March 2020. https://salsa.debian.org/kernel-team/linux/-/commit/9d60411cee4c646fe5006dcd57a1709d0377aaa6. 
  53. "ANDROID: GKI: enable CONFIG_WIREGUARD". https://android.googlesource.com/kernel/common/+/99761f1eac33d14a4b1613ae4b7076f41cb2df94%5E%21. 
  54. "merge branch 'bg/wireguard' (d321d0df) · Commits · GNOME / network-manager-applet" (in en). 22 April 2020. https://gitlab.gnome.org/GNOME/network-manager-applet/-/commit/d321d0dffa4fd872f7b39b8ca108f377cd80a12d. 
  55. "Connect to a Wireguard VPN server with NetworkManager | dbeley". https://dbeley.ovh/en/post/2020/12/28/connect-to-a-wireguard-vpn-server-with-networkmanager/. 
  56. "WireGuard for OpenBSD Kernel Patches Posted". 12 May 2020. https://lists.zx2c4.com/pipermail/wireguard/2020-May/005427.html. 
  57. "add wg(4), an in kernel driver for WireGuard vpn communication". https://marc.info/?l=openbsd-cvs&m=159274150512676. 
  58. "[ANNOUNCE] WireGuard for Windows 0.3: ARM support, enterprise features, & more". 23 November 2020. https://lists.zx2c4.com/pipermail/wireguard/2020-November/006075.html. 
  59. 59.0 59.1 Paxson, Audian (2021-01-19). "WireGuard for pfSense Software" (in en). https://www.netgate.com/blog/wireguard-for-pfsense-software.html. 
  60. Anderson, Tim (2021-03-23). "FreeBSD 13.0 to ship without WireGuard support as dev steps in to fix 'grave issues' with initial implementation". The Register (Situation Publishing). https://www.theregister.com/2021/03/23/freebsd_130_no_wireguard/. 
  61. Thompson, Jim (2021-03-18). "WireGuard Removed from pfSense® CE and pfSense® Plus Software" (in en). Rubicon Communications. https://www.netgate.com/blog/wireguard-removed-from-pfsense-ce-and-pfsense-plus-software.html. 
  62. Long, Scott (2021-05-05). "pfSense: WireGuard returns as an Experimental Package" (in en). https://www.netgate.com/blog/pfsense-wireguard-returns-as-an-experimental-package.html. 
  63. "wireguard-freebsd - WireGuard implementation for the FreeBSD kernel". https://git.zx2c4.com/wireguard-freebsd/. 
  64. Pingle, Jim (2021-06-02). "pfSense Plus 21.05-RELEASE Now Available" (in en). https://www.netgate.com/blog/pfsense-plus-21-05-release-now-available.html. 
  65. "WireGuard" (in en). https://www.sovereigntechfund.de/tech/wireguard. 
  66. "IPFire 2.29 - Core Update 195 released - WireGuard Inside" (in en). https://www.ipfire.org/blog/ipfire-2-29-core-update-195-released-wireguard-inside.