Before you go, check out these stories!

0
Hackernoon logoWireGuard VPN Protocol and NordLynx by@nordvpn

WireGuard VPN Protocol and NordLynx

Author profile picture

@nordvpnNordVPN

To become safer online, start with NordVPN — the world’s leading VPN provider.

Several years ago, a casual Internet user asked about VPNs would most likely scratch his or her head in uncertainty. Sure, VPNs have been around since Microsoft developed the PPTP protocol in 1996 and granted employees a somewhat safe remote access to confidential business resources on distant databases. But in 1996 there was a total amount of 36 million Internet users, and cybersecurity was an oblique idea for most of them.

Jumping to 2010 we have nearly 2 billion Internet users, first commercial VPNs are appearing for public use, PPTP is an outdated protocol, and those who decide to use a VPN struggle with unacceptable connection speeds. By the way, cybersecurity is not an oblique idea anymore, but a problem nobody knows how to deal with yet. And only on the verge of 2020 netizens that value their online privacy woke up to see their VPNs blazing high-speeds and cheered in unison - WireGuard has arrived. And we at NordVPN hastened to adapt it to our service with NordLynx as the end product in mind.

WireGuard is a VPN protocol, and VPN protocols are a mysterious technical thing, but it doesn't need to be. Those interested in why your VPN got a lot faster recently - let's overview what WireGuard VPN protocol is. And why commercial VPN service providers were quick to implement it.

What is a VPN protocol?

The first protocols were developed way back in 1969 when the Internet was called ARPANET and was primarily a military project. However, soon ARPANET grew in size, and two networks - ARPANET and MILNET - were separated for research and military purposes respectfully. A set of rules and principles governed communication between these two separate networks called protocols. 

Protocols are sets of rules developed to govern the exchange of information packets over an extensive network of interconnected computers. It defines what information is and how information travels from one network to another. For example, Internet Protocol governs information exchange, and Transfer Control Protocol defines how data is divided into packets, forming TCP/IP or Internet Protocol Suite.

At its very core, VPN protocols are the same. However, since VPNs have been created for business and, more recently, public Internet safety, VPN protocols also include encryption standards, which vary significantly per protocol. To put it shortly, VPN protocols are sets of rules that govern how a secure connection tunnel between the users' device and the VPN server is established, how packets travel through the tunnel, and what encryption is applied to secure that tunnel.

What is WireGuard protocol?

WireGuard is a VPN protocol that was developed by security researcher Jason A. Donenfeld, starting in 2016 and still actively in development. However, WireGuard provides a practical, innovative, and deployable solution to a lot of problems that VPNs struggle with: security, efficiency (speeds), and auditing.

The latter is especially important for commercial VPN providers that strive to maintain their reputation by employing third-party auditors to test the steel of their service. 

First of all, WireGuard consists of only 4000 lines of code approximately. The number reveals the difference way better in comparison - OpenVPN consists of nearly 600 thousand lines of code and IPSec 400 thousand. Not only does it make WireGuard easier to deploy, but it also makes it way faster, some reporting four times the speed when compared to the aforementioned VPN protocols. Security also benefits from a dense code, the fewer the lines - the fewer points an attacker can exploit, reducing attack perimeter.

Last but not least is easy audits. It will take days for a professional auditing team to review OpenVPN, IPSec, or other VPN protocol to produce accurate results and find vulnerabilities. The same problem does not haunt WireGuard protocol, since "the code is intended to be easily auditable, with Donenfeld saying it can be read in an afternoon." This makes work much easier both for auditors and developers alike, and users benefit from a safer, more reliable service.

What are the benefits of WireGuard?

For most commercial VPN users speeds are of utmost importance, so let's secure this one first. Because of modern encryption techniques, dense code, and a few other reasons, WireGuard excels at the connection to the server (nearly instantaneous), and data transfer speeds.

See the image below for NordVPN speed comparison on NordLynx (our WireGuard implementation), IKEv2, and OpenVPN protocols.

Second, and this might be considered a negative by some, but nevertheless a crucial part of WireGuard is that it leaves behind classic cryptographic solutions and focuses on modern, tested and peer-reviewed encryption implementations.

For example, WireGuard utilizes ChaCha20 for encryption solution, instead of using a commonly accepted AES-256 encryption as it's standard. This exchanges cryptographic agility for easier deployability and establishes its own security standard, which users can't modify (sometimes for their own good). We also used XChaCha20 encryption for our other service NordPass password manager. 

To summarize, WireGuard entered the VPN market at precisely the right time, when ease-of-use, security, reliability, and efficient auditing were problems to be solved. In the very end, more people should use cybersecurity software, but it is less likely to happen if the services they are offered are not comfortable to use. And WireGuard VPN protocol provides a solution to most of these problems - that's why major commercial VPN service providers were fast to implement it.

And for those that want to start protecting themselves online, NordVPN now offers NordLynx protocol, which is based on Wireguard® and adapted to maintain our strict no-logs policies.

Currently, our 2-year deal plan costs $3.71/month or $89 in total.

Disclaimer: WireGuard® is a registered trademark of Jason A. Donenfeld.

Author profile picture

@nordvpnNordVPN

Read my stories

To become safer online, start with NordVPN — the world’s leading VPN provider.

Tags

Become a Hackolyte

Level up your reading game by joining Hacker Noon now!