WireGuard is a free and open source software application and communication protocol that implements virtual private network (VPN) techniques to make secure point-to-point connections in a directed or bridged configuration. It runs as a module in the Linux kernel and aims for better performance than the IPsec and OpenVPN tunneling protocols. It was written by Jason A. Donenfeld and published under the GNU General Public License (GPL) version 2. The Linux version of the software has reached a stable production release and was included in the Linux 5.6 release at the end of March 2020.
WireGuard® is a very simple but fast and modern VPN that uses sophisticated cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding big headaches. It intends to be far more performance than OpenVPN. WireGuard is designed as a general purpose VPN to run on embedded interfaces and super computers, suitable for a variety of circumstances. Originally released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and is widely used. Currently under development, but it can already be considered the safest, easiest and most simple VPN solution in the industry.
WireGuard uses Curve25519 for key exchange, ChaCha20 for encryption, Poly1305 for data authentication, SipHash for hashtable keys, and BLAKE2s for hashing. It supports layer 3 for IPv4 and IPv6 and can encapsulate v4-in-v6 and vice versa. In May 2019, researchers from INRIA published proof of protocols that examined the machine, produced using the CryptoVerif evidence assistant.