This Monday, Linux kernel network stack maintainer David Miller unveiled to be included the project wireguard, a software application and a new free and open source communication protocol, in the "net-next" tree of the Linux kernel.
Based on project discussions, although there is still testing to be done, it should be released in the next major version of the Linux kernel, version 5.6, in the first or second quarter of 2020 as WireGuard received approval from Linus Torvalds to integrate into Linux.
WireGuard is an extremely simple, yet fast VPN and modern that uses advanced encryption. This is positioned to be faster, simpler, lighter and more useful than IPsec in addition to claims to be much better than OpenVPN.
wire guard was designed as a versatile VPN to operate on embedded interfaces, but also on supercomputers, suitable for many different circumstances. Originally released for the Linux kernel, it is now cross-platform and widely deployable.
wire guard use Curve25519 for key exchange, ChaCha20 for encryption, Poly1305 for data authentication, SipHash for hash table keys, and BLAKE2s for hash. It supports Layer 3 for IPv4 and IPv6 and can encapsulate v4-in-v6 and vice versa.
WireGuard has been adopted by some VPN service providers such as Mullvad VPN, AzireVPN, IVPN, and cryptostorm, long before its incorporation into Linux, due to its "excellent" design. He has received donations from Private Internet Access, IVPN, and the NLnet Foundation.
It is currently in full developmentBut it could already be considered the safest, easiest to use, and simplest VPN solution in the industry. It is a secure Layer 3 VPN solution.
Unlike its former rivals, which it is intended to replace, its code is much cleaner and simpler. According to the project specifications, WireGuard works by encapsulating IP packets securely over UDP. Its authentication and interface design have more to do with Secure Shell (SSH) than other VPNs.
WireGuard lead author Jason Donenfeld says that:
All you need to do is configure the WireGuard interface with your private key and the public keys of your peers, and you are ready to talk securely. It was written in C (Linux kernel modules) and Go (the user interface).
To simplify development, the monolithic repository "WireGuard.git", that was designed for a separate existence, will be replaced by three separate repositories which are better suited for organizing code work in the main kernel:
- wireguard-linux.git - A complete kernel tree with changes from the Wireguard project, patches of which will be reviewed for inclusion in the kernel and regularly transferred to the net / net-next branches.
- wireguard-tools.git- A repository of utilities and scripts that run in user space, such as wg and wg-quick. The repository can be used to create packages for distributions.
- wireguard-linux-compat.git a repository with a module option, supplied separately from the kernel and includes the compat.h layer to ensure compatibility with older kernels. The main development will take place in the wireguard-linux.git repository, but until now users have the opportunity and the need for a separate version of the patches will also be supported in the working form.
Expected to quickly become the new standard for VPNs Linux when it arrives. With its small code size, high-speed crypto primitives, and core design, it should be faster than any other VPN out there.
In your way of approving the new VPN, Linus Torvalds thinks he has compared it to the other VPNs and considers it to be much better.
"May I once again express my love for him and hope that he will soon merge?" The code may not be perfect, but I have skimmed it and compared to the horrors of OpenVPN and IPSec, it is a work of art, ”he said of WireGuard.
Be the first to comment