Kubonakala ngathi Izinto zihamba kakuhle ngaphakathi kweprojekthi ye-WireGuard, njengoJason A. Donenfeld, umbhali weVPN WireGuard, thaca iprojekthi ye-WireGuardNT oko ikukuthi ukusebenza okuphezulu kweWireGuard VPN izibuko leWindows kernel ehambelana Windows 7, 8, 8.1, kunye no-10, kwaye ixhasa i-AMD64, x86, ARM64, kunye ne-ARM yoyilo.
Kubalulekile ukuba ukhumbule ukuba kwisemester yokugqibela ye-2019 iipatches zenziwe ngokuphunyezwa kweprojekthi ye-VPN ujongano kwisebe elilandelayo, kuba abaphuhlisi be-WireGuard benze ukuzibophelela kwaye bavuma ukuhambisa inxenye yekhowudi iyeyona iphambili kernel, hayi njenge-API eyahlukileyo, kodwa njengenxalenye yenkqubo esezantsi yeCrypto API.
Emva koko kwiinyanga ezimbalwa kamva iprojekthi yeza kutshintsho lwe-OpenBSD ye-ifconfig kunye ne-tcpdump eziluncedo ngenkxaso yokusebenza kwe-WireGuard, amaxwebhu kunye notshintsho oluncinci lokudibanisa i-WireGuard nayo yonke inkqubo kwaye emva koko iprojekthi yahanjiswa ukuba ihambelane ne-Android .
I-WireGuard VPN iphunyezwa ngokwendlela yanamhlanje yokubhala ngokufihlakeleyo, ibonelela ngokusebenza okuphezulu kakhulu, kulula ukuyisebenzisa, ngaphandle kobunzima, kwaye izibonakalisile kwinani lokuhanjiswa okukhulu okuphatha umthamo omkhulu wezithuthi.
Le projekthi iye yaphuhliswa ukusukela ngo-2015, uphumelele uphicotho-zincwadi olusemthethweni kunye nokuqinisekiswa kweendlela zokubethela ezisetyenzisiweyo. I-WireGuard isebenzisa umxholo wendlela yokubethela, ebandakanya ukubopha isitshixo sangasese kunxibelelwano ngalunye lwenethiwekhi kunye nokusebenzisa amaqhosha esidlangalaleni ukubopha.
Ukutshintshwa kwezitshixo zoluntu ukuseka unxibelelwano kwenziwa ngokufaniswa ne-SSH. Ukuthetha-thethana ngezitshixo kunye nokunxibelelana ngaphandle kokusebenzisa i-daemon eyahlukileyo kwindawo yomsebenzisi, kusetyenziswa i-Noise_IK ye-Noise Protocol ye-Protocol, efanayo nokugcina iigunyaziso ezigunyazisiweyo kwi-SSH. Ukuhanjiswa kwedatha kwenziwa ngokufakwa ngaphakathi kwiipakethi ze-UDP. Ixhasa ukutshintsha idilesi ye-IP ye-VPN (ukuzula) ngaphandle kokophula uqhagamshelo kunye nolungelelwaniso lomthengi oluzenzekelayo.
Uguqulelo oluntsonkothileyo isebenzisa ukubethelwa komjelo weChaCha20 kunye nePoly1305 yokuqinisekisa umyalezo wealgorithm (MAC). I-ChaCha20 kunye nePoly1305 zibekwe ngokukhawuleza kunye nokukhuseleka ngakumbi kwi-AES-256-CTR kunye ne-HMAC, enokuphunyezwa kwesoftware ekuvumela ukuba ufezekise ixesha elimiselweyo ngaphandle kokusebenzisa inkxaso ekhethekileyo yehardware.
Kwaye ngoku Iprojekthi ifika njengezibuko leWindows que yakhela kwisiseko sekhowudi esvavanyiweyo yomiliselo oluphambili lweWireGuard ukulungiselela I-linux kernel, Eguqulwe ukuba isebenzise izixhobo ze-kernel yeWindows kunye ne-NDIS yenethiwekhi.
Emva kweenyanga ezininzi zomsebenzi, mna noSimon sonwabile ukwazisa ngeprojekthi ye-WireGuardNT, izibuko lendalo le-WireGuard le-Windows kernel.
I-WireGuardNT, iqale njengezibuko lesiseko sekhowudi yeLinux… Emva kwemizamo yokuqala yokuphatheka kube nempumelelo, isiseko sekhowudi ye-NT sikhawuleze sahluka ukuze silingane kakuhle ne-NTisms yemveli kunye ne-NDIS (i-Windows networking stack) APIs. Isiphumo kukudityaniswa okunzulu, ukusebenza okuphezulu kokusebenza kweWigeGuard, eyenza ukuba isebenzise uluhlu olupheleleyo lwezakhono ze-NT kernel kunye ne-NDIS.
Ukuthelekiswa nokuphunyezwa kwe-wireguard-go eqhuba kwindawo yomsebenzisi kwaye isebenzisa i-Wintun network interface, i-WireGuardNT inokuphucuka kokusebenza ngokubonakalayo ngokususa ukusebenza kotshintsho lomxholo kwaye ukope imixholo yephakheji ukusuka kwi-kernel uye kwisithuba somsebenzisi.
Ngokuthelekiswa nokuphunyezwa kwe-WireGuardNT yeLinux, i-OpenBSD, kunye neFreeBSD, yonke imigaqo-nkqubo yokuqhubekeka komgaqo isebenza ngokuthe ngqo kwinqanaba lokugcina inethiwekhi.
Nangona kungekho zilungiso zenziweyo okwangoku, i-WireGuardNT sele ifezekisile ukuhanjiswa kwedatha okuphezulu kwe-7,5 Gbps kwindawo yethu yovavanyo kunye ne-Ethernet.
Kwiinkqubo zomsebenzisi zokwenyani ezineWi-Fi, ukusebenza kuyabonakala ngokubonakalayo kusezantsi, kodwa ahlukile kakhulu kugqithiso lwedatha ngqo. Umzekelo, kwinkqubo enekhadi elingenacingo le-Intel AC9560, ukusebenza ngaphandle kweWigerGuard bekungama-600 Mbps kwaye nge-WireGuardNT yayiyi-600 Mbps, ngelixa yayisebenzisa i-wireguard-go / Wintun yayiyi-95 Mbps.
Umthombo: https://lists.zx2c4.com/