WireGuard

Original author(s): Jason A. Donenfeld
Developer(s): Jason A. Donenfeld
Initial release: 2015 [1]
Stable release: 1.0.20220627 [2] / 27 June 2022
Written in: C (Linux, FreeBSD kernel modules, NetBSD, OpenBSD kernel drivers, Windows kernel drivers), Go (userspace implementation)
Type: Virtual private network
License: various free and open-source
Website: www.wireguard.com

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs), and was designed with the goals of ease of use, high speed performance, and low attack surface. [5] It aims to be smaller and better performing than IPsec and OpenVPN, two common tunneling protocols. [6] The WireGuard protocol passes traffic over UDP. [7]

In March 2020, the Linux version of the software reached a stable production release and was incorporated into the Linux 5.6 kernel, and backported to earlier Linux kernels in some Linux distributions. [4] The Linux kernel components are licensed under the GNU General Public License (GPL) version 2; other implementations are under GPLv2 or other free/open-source licenses. [5]

The name WireGuard is a registered trademark of Jason A. Donenfeld. [5]

Protocol

WireGuard uses the following: [8]

In May 2019, researchers from INRIA published a machine-checked proof of the WireGuard protocol, produced using the CryptoVerif proof assistant. [9]

Optional Pre-shared Symmetric Key Mode

WireGuard supports pre-shared symmetric key mode, which provides an additional layer of symmetric encryption to mitigate future advances in quantum computing. This addresses the risk that traffic may be stored until quantum computers are capable of breaking Curve25519, at which point traffic could be decrypted. Pre-shared keys are "usually troublesome from a key management perspective and might be more likely stolen", but in the shorter term, if the symmetric key is compromised, the Curve25519 keys still provide more than sufficient protection. [10]

Networking

WireGuard uses only UDP, [5] [11] due to the potential disadvantages of TCP-over-TCP. [11] [12] [13] Tunneling TCP over a TCP-based connection is known as "TCP-over-TCP", and doing so can induce a dramatic loss in transmission performance (a problem known as "TCP meltdown"). TCP meltdown occurs when one TCP connection is stacked on top of another: the underlying layer may detect a problem and attempt to compensate, the layer above it then overcompensates in response, and this overcompensation causes the delays and degraded transmission performance.

WireGuard fully supports IPv6, both inside and outside of the tunnel. It supports only layer 3 for both IPv4 and IPv6 and can encapsulate v4-in-v6 and vice versa. [14]

MTU overhead

The overhead of WireGuard breaks down as follows: [15]

  • 20-byte IPv4 header or 40-byte IPv6 header
  • 8-byte UDP header
  • 4-byte type
  • 4-byte key index
  • 8-byte nonce
  • N-byte encrypted data
  • 16-byte authentication tag

MTU Operational considerations

If we assume that the underlay network transporting the WireGuard packets has an MTU of 1500 bytes, then the WireGuard interface MTU should be configured to 1420 bytes (for all the peers involved) if we intend to carry IPv6 + IPv4 traffic. If we carry legacy IPv4-only traffic, however, we can get away with a higher WireGuard interface MTU of 1440 bytes. [15]

From an operational standpoint and for network configuration consistency, however, it would be optimal to simply configure 1420 network (peer)-wide for the WireGuard interfaces, in case we eventually want to enable IPv6 for the WireGuard peers and interfaces.

Caveat

There may be situations where, for instance, one peer is behind a network with a 1500-byte MTU and a second peer is behind a wireless network such as an LTE network, where the carrier has often chosen an MTU far lower than 1420 bytes. In such cases, the underlying IP networking stack of the host will fragment the UDP-encapsulated packet and send the fragments through. The packets inside the tunnel, however, will remain consistent and will not need to be fragmented, as PMTUD will detect the MTU between the peers (in this example, 1420 bytes) and send a fixed packet size between the peers.
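The overhead breakdown, the 1440/1420 interface MTU figures and the low-MTU caveat above can be worked through in code. The following is an added example written for this article, not code from the WireGuard project; the transport message type value 4 and the little-endian field encoding come from the WireGuard protocol specification rather than from the text above, and the ciphertext and tag bytes are constructed placeholders.

```python
"""Added example: MTU arithmetic and the transport-message layout described
in the article, including the fragmentation caveat for a low-MTU underlay."""
import struct

# Per-packet overhead, in bytes, following the breakdown in the article.
IPV4_HEADER = 20
IPV6_HEADER = 40
UDP_HEADER = 8
WG_TYPE = 4           # message type field
WG_KEY_INDEX = 4      # receiver key index
WG_NONCE = 8          # 64-bit counter used as the nonce
WG_TAG = 16           # authentication tag appended to the ciphertext
WG_FIXED = WG_TYPE + WG_KEY_INDEX + WG_NONCE + WG_TAG   # 32 bytes
WG_MSG_TRANSPORT = 4  # type value of a transport data message (from the protocol spec, not the article)


def wireguard_overhead(outer_ipv6: bool) -> int:
    """Bytes added to one inner packet: 60 over an IPv4 underlay, 80 over IPv6."""
    return (IPV6_HEADER if outer_ipv6 else IPV4_HEADER) + UDP_HEADER + WG_FIXED


def interface_mtu(underlay_mtu: int, outer_ipv6: bool) -> int:
    """Largest inner packet that still fits in a single underlay datagram."""
    return underlay_mtu - wireguard_overhead(outer_ipv6)


def safe_peer_mtu(underlay_mtu: int) -> int:
    """Peer-wide value that works whether the outer transport is IPv4 or IPv6."""
    return min(interface_mtu(underlay_mtu, False), interface_mtu(underlay_mtu, True))


def fragmenting_hops(iface_mtu: int, path_mtus, outer_ipv6: bool):
    """Underlay hop MTUs that force the host IP stack to fragment the outer UDP
    datagram carrying a full-size inner packet (the LTE caveat in the article)."""
    outer = iface_mtu + wireguard_overhead(outer_ipv6)
    return [mtu for mtu in path_mtus if mtu < outer]


def build_transport_message(key_index: int, counter: int, ciphertext: bytes, tag: bytes) -> bytes:
    """Lay out type(4) | key index(4) | nonce(8) | encrypted data(N) | tag(16)."""
    if len(tag) != WG_TAG:
        raise ValueError("authentication tag must be 16 bytes")
    return struct.pack("<IIQ", WG_MSG_TRANSPORT, key_index, counter) + ciphertext + tag


def parse_transport_message(datagram: bytes) -> dict:
    """Split a transport message back into its fields; rejects runt packets."""
    if len(datagram) < WG_FIXED:
        raise ValueError("datagram shorter than the fixed WireGuard overhead")
    msg_type, key_index, counter = struct.unpack_from("<IIQ", datagram, 0)
    if msg_type != WG_MSG_TRANSPORT:
        raise ValueError(f"not a transport data message: type {msg_type}")
    body = datagram[WG_TYPE + WG_KEY_INDEX + WG_NONCE:]
    return {"key_index": key_index, "counter": counter,
            "ciphertext": body[:-WG_TAG], "tag": body[-WG_TAG:]}


if __name__ == "__main__":
    # Constructed sample: a 1420-byte inner packet with placeholder ciphertext and tag.
    msg = build_transport_message(0x1234, 7, b"\x00" * 1420, b"\xff" * WG_TAG)
    print("interface MTU over IPv4 underlay:", interface_mtu(1500, False))
    print("interface MTU over IPv6 underlay:", interface_mtu(1500, True))
    print("outer IPv4 datagram size:", len(msg) + UDP_HEADER + IPV4_HEADER)
    print("hops that fragment it on a 1500/1400 path:", fragmenting_hops(1420, [1500, 1400], False))
```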

Extensibility

WireGuard is designed to be extended by third-party programmes and scripts. This has been used to augment WireGuard with various features, including more user-friendly management interfaces (including easier setting up of keys), logging, dynamic firewall updates, dynamic IP assignment, [16] and LDAP integration.

Excluding such complex features from the minimal core codebase improves its stability and security. To ensure security, WireGuard restricts the options for implementing cryptographic controls, limits the choices for key exchange processes, and maps algorithms [8] to a small subset of modern cryptographic primitives. If a flaw is found in any of the primitives, a new version can be released that resolves the issue.

Reception

A review by Ars Technica found that WireGuard was easy to set up and use, used strong ciphers, and had a minimal codebase that provided for a small attack surface. [17]

WireGuard has received funding from the Open Technology Fund [18] and donations from Mullvad, Private Internet Access, IVPN, the NLnet Foundation [19] and OVPN. [20]

Oregon senator Ron Wyden has recommended to the National Institute of Standards and Technology (NIST) that they evaluate WireGuard as a replacement for existing technologies. [21]

Availability

Implementations

Implementations of the WireGuard protocol include:

History

Early snapshots of the code base exist from 30 June 2016. [30] Four early adopters of WireGuard were the VPN service providers Mullvad, [31] AzireVPN, [32] IVPN [33] and cryptostorm. [34]

On 9 December 2019, David Miller – primary maintainer of the Linux networking stack – accepted the WireGuard patches into the "net-next" maintainer tree, for inclusion in an upcoming kernel. [35] [36] [37]

On 28 January 2020, Linus Torvalds merged David Miller's net-next tree, and WireGuard entered the mainline Linux kernel tree. [38]

On 20 March 2020, Debian developers enabled the module build options for WireGuard in their kernel config for the Debian 11 version (testing). [39]

On 29 March 2020 WireGuard was incorporated into the Linux 5.6 release tree. The Windows version of the software remains at beta. [4]

On 30 March 2020, Android developers added native kernel support for WireGuard in their Generic Kernel Image. [40]

On 22 April 2020, NetworkManager developer Beniamino Galvani merged GUI support for WireGuard in GNOME. [41]

On 12 May 2020, Matt Dunwoodie proposed patches for native kernel support of WireGuard in OpenBSD. [42]

On 22 June 2020, after the work of Matt Dunwoodie and Jason A. Donenfeld, WireGuard support was imported into OpenBSD. [43]

On 23 November 2020, Jason A. Donenfeld released an update of the Windows package improving installation, stability, ARM support, and enterprise features. [44]

On 29 November 2020, WireGuard support was imported into the FreeBSD 13 kernel. [27]

On 19 January 2021, WireGuard support was added for preview in pfSense Community Edition (CE) 2.5.0 development snapshots. [45]

In March 2021, kernel-mode WireGuard support was removed from FreeBSD 13.0, still in testing, after an urgent code cleanup in FreeBSD WireGuard could not be completed quickly. [46] FreeBSD-based pfSense Community Edition (CE) 2.5.0 and pfSense Plus 21.02 removed kernel-based WireGuard as well. [47]

In May 2021, WireGuard support was re-introduced back into pfSense CE and pfSense Plus development snapshots as an experimental package written by a member of the pfSense community, Christian McDonald. The WireGuard package for pfSense incorporates the ongoing kernel-mode WireGuard development work by Jason A. Donenfeld that was originally sponsored by Netgate. [48] [49] [50]

In June 2021, the official package repositories for both pfSense CE 2.5.2 and pfSense Plus 21.05 included the WireGuard package. [51]

Notes

  1. Not all platforms may have a currently released version and some may be at beta.

References

  1. Grauer, Yael (16 January 2021). "How one hacker's push to secure the internet became a crucial part of Mac, Linux, and Windows operating systems". Business Insider. Retrieved 25 November 2022.
  2. Error: Unable to display the reference properly. See the documentation for details.
  3. "Installation". WireGuard. Retrieved 23 April 2020.
  4. Salter, Jim (30 March 2020). "WireGuard VPN makes it to 1.0.0—and into the next Linux kernel". Archived from the original on 31 March 2020. Retrieved 23 April 2020.
  5. "WireGuard: fast, modern, secure VPN tunnel". WireGuard. Archived from the original on 28 April 2018. Retrieved 31 March 2021.
  6. Preneel, Bart; Vercauteren, Frederik, eds. (11 June 2018). Applied Cryptography and Network Security. Springer. ISBN 978-3-319-93387-0. Archived from the original on 18 February 2019. Retrieved 25 June 2018.
  7. Donenfeld, Jason A. "Known Limitations - WireGuard". www.wireguard.com. Retrieved 1 June 2020.
  8. Donenfeld, Jason A. "Protocol & Cryptography - WireGuard". www.wireguard.com. Retrieved 14 May 2023.
  9. Lipp, Benjamin; Blanchet, Bruno; Bhargavan, Karthikeyan (2019), A Mechanised Cryptographic Proof of the WireGuard Virtual Private Network Protocol (report), Research Report RR-9269, Paris: Inria, p. 49, hal-02100345
  10. Donenfeld, Jason (2 May 2021). "WireGuard: Next Generation Kernel Network Tunnel" (PDF). Wireguard.com.
  11. Donenfeld, Jason A. "Known Limitations - WireGuard". www.wireguard.com. Retrieved 2 May 2021.
  12. Titz, Olaf (23 April 2001). "Why TCP Over TCP Is A Bad Idea". Retrieved 17 October 2015.
  13. Honda, Osamu; Ohsaki, Hiroyuki; Imase, Makoto; Ishizuka, Mika; Murayama, Junichi (October 2005). "Understanding TCP over TCP: effects of TCP tunneling on end-to-end throughput and latency". In Atiquzzaman, Mohammed; Balandin, Sergey I (eds.). Performance, Quality of Service, and Control of Next-Generation Communication and Sensor Networks III. Vol. 6011. Bibcode:2005SPIE.6011..138H. CiteSeerX 10.1.1.78.5815. doi:10.1117/12.630496. S2CID 8945952.
  14. Donenfeld, Jason A. "Introduction & Motivation" (PDF). WireGuard: Next Generation Kernel Network Tunnel (PDF). Archived (PDF) from the original on 4 March 2018.
  15. Donenfeld, Jason A. (11 December 2017). "[WireGuard] Header / MTU sizes for Wireguard". Retrieved 13 January 2024.
  16. Wireguard Dynamic IP Configuration Tool, WireGuard, 14 May 2023, retrieved 14 May 2023
  17. Salter, Jim (26 August 2018). "WireGuard VPN review: A new type of VPN offers serious advantages". Ars Technica. Archived from the original on 20 September 2018.
  18. "Building a more secure, accessible and resilient WireGuard VPN protocol". www.opentech.fund. Retrieved 20 June 2022.
  19. "Donations". WireGuard. Archived from the original on 28 April 2018. Retrieved 28 April 2018.
  20. "OVPN donates to support WireGuard". OVPN. 23 March 2020.
  21. "US Senator Recommends Open-Source WireGuard To NIST For Government VPN". Phoronix. 30 June 2018. Archived from the original on 5 August 2018. Retrieved 5 August 2018.
  22. Donenfeld, Jason (7 June 2019). "WireGuard: fast, modern, secure VPN tunnel". Retrieved 16 June 2019.
  23. Krasnov, Vlad (18 December 2018). "BoringTun, a userspace WireGuard implementation in Rust". Cloudflare Blog. Archived from the original on 4 April 2019. Retrieved 29 March 2019.
  24. "CloudFlare Launches "BoringTun" As Rust-Written WireGuard User-Space Implementation". phoronix.com. Retrieved 29 March 2019.
  25. Johansson, Janne (21 June 2020). "WireGuard imported into OpenBSD".
  26. "wg(4) - NetBSD Manual Pages". 20 August 2020.
  27. "Import kernel WireGuard support".
  28. "WireGuardNT, a high-performance WireGuard implementation for the Windows kernel". 2 August 2021.
  29. "WireGuard: VPN has never been so easy".
  30. "Index of /Monolithic-historical/".
  31. Mason, John (13 February 2019). "Mullvad Review". thebestwpn. 2. Strong Tunneling Protocols – OpenVPN & WireGuard. Archived from the original on 24 June 2019. Retrieved 8 April 2019.
  32. Mason, John (19 February 2019). "AzireVPN Review". thebestvpn. 2. Impressive Protocols and Encryption. Archived from the original on 8 May 2019. Retrieved 8 April 2019.
  33. Pestell, Nick (11 December 2018). "Introducing Wireguard". Retrieved 22 September 2019.
  34. "WireGuard support added!". cryptostorm blog. 5 April 2019. Archived from the original on 9 December 2019. Retrieved 9 December 2019.
  35. "e7096c131e5161fa3b8e52a650d7719d2857adfd - pub/scm/linux/kernel/git/davem/net-next - Git at Google". kernel.googlesource.com.
  36. "LKML: David Miller: Re: [PATCH net-next v2] net: WireGuard secure network tunnel". lkml.org.
  37. "[ANNOUNCE] WireGuard merged to net-next, on its way to Linux 5.6". 9 January 2020. Archived from the original on 9 January 2020.
  38. Torvalds, Linus. "index : kernel/git/torvalds/linux.git". Linux kernel source tree. Kernel.org. Retrieved 2 February 2020.
  39. "drivers/net: Enable WIREGUARD as module". 21 March 2020.
  40. "ANDROID: GKI: enable CONFIG_WIREGUARD".
  41. "merge branch 'bg/wireguard' (d321d0df) · Commits · GNOME / network-manager-applet". gitlab.gnome.org. 22 April 2020. Retrieved 30 May 2020.
  42. "WireGuard for OpenBSD Kernel Patches Posted". 12 May 2020.
  43. "add wg(4), an in kernel driver for WireGuard vpn communication".
  44. "[ANNOUNCE] WireGuard for Windows 0.3: ARM support, enterprise features, & more". 23 November 2020.
  45. "WireGuard for pfSense Software".
  46. Anderson, Tim (23 March 2021). "FreeBSD 13.0 to ship without WireGuard support as dev steps in to fix 'grave issues' with initial implementation". The Register. Situation Publishing. Retrieved 31 March 2021.
  47. Thompson, Jim (18 March 2021). "WireGuard Removed from pfSense® CE and pfSense® Plus Software". Netgate blog. Rubicon Communications. Retrieved 20 March 2021.
  48. Long, Scott (5 May 2021). "pfSense: WireGuard returns as an Experimental Package". Netgate - Secure networks start here. Retrieved 9 June 2021.
  49. Paxson, Audian (19 January 2021). "WireGuard for pfSense Software". Netgate - Secure networks start here. Retrieved 9 June 2021.
  50. "wireguard-freebsd - WireGuard implementation for the FreeBSD kernel". git.zx2c4.com. Retrieved 9 June 2021.
  51. Pingle, Jim (2 June 2021). "pfSense Plus 21.05-RELEASE Now Available". Netgate - Secure networks start here. Retrieved 9 June 2021.