Linus Torvald has just announced the integration of the VPN WireGuard protocol in the next Linux kernel 5.6 release. A good boost for a booming communication protocol.

While today’s major VPN systems are based on standard protocols such as PPTP, L2TP/IPsec, SSTP, IKEv2, and the inevitable OpenVPN, a little “new” could upset the established order. Indeed, at the end of January, Linus Torvald – founding father of Linux – announced the integration of the WireGuard protocol in the next Linux kernel update scheduled for the summer.

Faster and more secure protocol

If WireGuard was able to seduce the big Linux manitou, it is notably because of performances superior primarily to those proposed by the current protocols, and even the swift IPsec. The official site, WireGuard, boasts that it is nearly four times faster than OpenVPN and 15% faster than IPsec in terms of throughput.

On the response time or ping side, WireGuard also appears to be very fast with again a delay almost four times shorter. And while higher speed usually implies lower security, this does not seem to be the case with WireGuard, which also uses modern encryption algorithms such as ChaCha20, Curve25519, or BLAKE2s. Also, WireGuard relies on a straightforward configuration.

VPN protocol mainly in Beta mode

However, and by the very admission of its leading developer Jason Donenfeld in 2018, WireGuard is still an experimental protocol. It is not reassuring when it comes to moving sensitive data over the Internet. The integration in the next Linux kernel and the possibility offered to all developers to “proofread” the code should quickly secure the protocol.

WireGuard’s 4,000 lines of code is another advantage over the competition, especially OpenVPN, which has at least 100,000 lines and therefore offers a much larger attack surface. Initially intended for the Linux kernel, WireGuard is now compatible with most operating systems such as Windows, macOS, BSD, iOS, or Android. A “universality” that should also contribute to the expansion of the protocol.

The fact remains that for the moment, there are not a lot of VPN service providers offering access to the WireGuard protocol. Most of them are still quite reluctant to integrate a protocol that lacks maturity and is probably not sufficiently proven to satisfy their customers. NordVPN and their NordLynx technology might be the first one currently available on the market!

If WireGuard has all the potential to replace OpenVPN and why not IPsec, it remains for the moment to be seen. One thing is certain is that this protocol could very well revolutionise this industry as stated by this Tackk VPN article.