WireGuard
A fast and modern VPN that utilizes state-of-the-art cryptography
In hostile environments such as the open internet, Virtual Private Network technology play a major role in protecting users both from snooping and malicious traffic injection. WireGuard is a general purpose VPN - the new kd on the block that is fast, simple and lean. It can run on embedded interfaces and super computers alike, fit for many different circumstances. Its goal is to be the most secure, easiest to use, and simplest VPN solution in the industry.
- The project's own website: https://www.wireguard.com
Why does this actually matter to end users?
When you go online outside of your house or office, your connection is often vulnerable to man-in-the-middle attack. VPN's are a way to protect against these attacks, but are traditionally rather cumbersome (if not plain hard) to work with - which has prevented mass adoption. WireGuard has been designed in many ways to contrast with poor architectural decisions of popular but aged VPN technologies like IPsec and OpenVPN. IPsec may be academically pristine in its laying responsibilities, but the complexity of this makes it nearly impossible to deploy or implement securely. OpenVPN is similarly a monstrous codebase, relying on the error-prone DTLS protocol and uses 90s constructions. WireGuard aims to start fresh with modern cryptographic principles, in order to drastically simplify designs while still enabling use in networks of considerable complexity.
This project was funded through the Internet Hardening Fund, a fund established by NLnet with financial support from the Netherlands Ministry of Economic Affairs and Climate Policy.
