What is WireGuard?
WireGuard is one of the many VPN protocols out there. Is it right for you?

VPN protocols define how your data is transmitted when using a VPN. In the last few years, WireGuard has been adopted by almost every one of the best VPN services, superseding older protocols like OpenVPN and IKEv2.
However, there are pros and cons to using WireGuard. Here, we'll outline exactly what makes this protocol different from other options, and why you might or might not want to use it.
What is WireGuard?
WireGuard began its life as recently as 2016. It was started by the security researcher Jason A. Donenfeld.
He wanted to streamline network tunnelling with a complete focus on simplicity, removing the complexities that are often found in the world of IT. He saw shortcomings in existing VPN protocols that he didn’t like.
Originally, Donenfeld was a vulnerability researcher. His job revolved entirely around finding vulnerabilities for companies, which eventually led him to doubt the security of existing VPN protocols.
Because of this experience, his focus with WireGuard was to make a VPN protocol that was especially secure, without being confusing or complicated to use.
In its first version, WireGuard was specifically made for Linux. However, it has since been made more widely available with versions across Windows, Mac, Android and even iOS.
Benefits of WireGuard
WireGuard follows three main rules in its philosophy: it is simple, fast, and secure. This shows in its codebase, which totals under 5,000 lines. Compared with other protocols such as OpenVPN or IKEv2, that is tiny.
Because the codebase is this small, WireGuard has fewer bugs and security vulnerabilities. It also means there is less CPU usage and therefore faster connection times. This smaller amount of code is seen in newer VPN protocols like WireGuard or ExpressVPN’s Lightway.
A smaller amount of code also means it will be better suited for devices with less processing power, such as mobile phones or routers. This is why WireGuard is often seen with some of the fastest VPNs.
WireGuard forgoes the standard 256-bit AES encryption. That, on the face of it, sounds bad, but it is one of WireGuard’s strengths.
Instead, WireGuard uses more modern cryptographic algorithms, including Curve25519, ChaCha20, Poly1305 and BLAKE2. These cryptography systems make WireGuard more secure and efficient, and a frequent feature on some of the most secure VPNs.
Unlike a VPN protocol such as OpenVPN, WireGuard can run inside the Linux kernel. This makes it more efficient, as Linux does not have to context switch (a method of moving between different tasks).
This aids performance, making WireGuard faster and able to transmit more data overall.
Drawbacks of WireGuard
As mentioned above, simplicity, speed and security are WireGuard's specialities. This does mean it has some drawbacks in other areas.
Most noticeably, WireGuard lacks some features its competitors have, such as the ability to allocate dynamic IP addresses. These are IP addresses that aren’t static but will change over time.
WireGuard also doesn’t automatically delete your IP address when you disconnect from the server, and there is no forward secrecy. Forward secrecy is a system that encrypts VPN data using a new private key every session.
Clearly, this is an issue if privacy is your primary concern, and every quality consumer VPN service has patched WireGuard to ensure that your real IP address is never stored. However, this still poses a risk if you plan on using WireGuard to set up your own VPN without signing up to a ready-made provider.
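For readers who run their own server, the stored-address behaviour described above can be checked directly. The following is an added example, not part of the original article or the WireGuard project: it parses the tab-separated output of `wg show <interface> dump` and lists peers whose endpoint address is still held even though their last handshake is old. The sample dump, the placeholder keys, the documentation-range addresses and the 180-second idle threshold are all constructed assumptions.

```python
"""Added example: list peers whose endpoint IP a WireGuard server still holds."""
from __future__ import annotations

from dataclasses import dataclass

# Constructed sample of `wg show wg0 dump` output (tab-separated).
# Keys are placeholders; addresses come from documentation ranges.
SAMPLE_DUMP = "\n".join([
    "SERVER_PRIVATE_KEY\tSERVER_PUBLIC_KEY\t51820\toff",
    "PEER_A_KEY\t(none)\t203.0.113.10:41000\t10.8.0.2/32\t1700000000\t1200\t3400\t25",
    "PEER_B_KEY\t(none)\t198.51.100.7:52044\t10.8.0.3/32\t1699990000\t900\t100\toff",
    "PEER_C_KEY\t(none)\t(none)\t10.8.0.4/32\t0\t0\t0\toff",
])


@dataclass
class Peer:
    public_key: str
    endpoint: str | None      # "ip:port" last seen for this peer, or None
    allowed_ips: str          # static tunnel address(es) assigned to the peer
    latest_handshake: int     # Unix time, 0 if the peer never connected


def parse_dump(text: str) -> list[Peer]:
    """Parse peer lines; the first line describes the interface itself."""
    peers = []
    for line in text.strip().splitlines()[1:]:
        fields = line.split("\t")
        if len(fields) != 8:
            raise ValueError(f"unexpected peer line: {line!r}")
        key, _psk, endpoint, allowed, handshake = fields[:5]
        peers.append(Peer(key, None if endpoint == "(none)" else endpoint,
                          allowed, int(handshake)))
    return peers


def retained_endpoints(peers: list[Peer], now: int, idle_after: int = 180) -> list[Peer]:
    """Peers idle longer than idle_after (an assumed threshold) with a stored endpoint."""
    return [p for p in peers
            if p.endpoint is not None
            and now - p.latest_handshake > idle_after]


if __name__ == "__main__":
    now = 1700000060  # constructed "current time" matching the sample
    for peer in retained_endpoints(parse_dump(SAMPLE_DUMP), now):
        print(f"{peer.public_key}: {peer.endpoint} still stored")
```

On a real server the input would come from `wg show wg0 dump` (the interface name `wg0` is assumed), which needs root and prints the interface's private key on its first line, so treat that output as sensitive.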
Another feature WireGuard doesn’t have is the ability to obfuscate your traffic, so it can be vulnerable to deep packet inspection. While obfuscation isn’t found in all VPN protocols, it is becoming more common.
A final consideration with WireGuard is that it only supports UDP. Most VPN providers offer both TCP and UDP. That’s a lot of acronyms, but what it crucially means is that data transfers are more efficient, though it can cause transmission and reception issues.
WireGuard, like a lot of other VPN protocols, is very open about its problems. It has a full page addressing them on its website.
Bottom line
One of WireGuard’s biggest weaknesses is its lack of some key features found in other VPNs. However, that by no means makes it less secure than other VPN protocols.
In fact, some of the best VPNs have come up with their own app and server-based solutions using WireGuard.
NordVPN, one of the most popular VPNs around, has its own NordLynx protocol. This gets around WireGuard revealing a home IP address to the VPN server. Additionally, NordVPN can assign fresh "dynamic" IP addresses to users each time they connect to the service.
While WireGuard is lacking in some areas, it makes up for it with speed, security and its ease of use.
Alex is an editor at Future with a focus on phones and broadband. With an eye on the best prices across both of these areas, Alex is bringing you the must-have bargains right now.
- Olivia Powell, Tech Software Commissioning Editor











