WireGuard Is Two Things
2 days ago
- #VPN
- #Encryption
- #WireGuard
- WireGuard is both a VPN application and a cryptographic protocol.
- The WireGuard protocol is a clean, modern specification built on the Noise Protocol Framework and ChaCha20-Poly1305.
- WireGuard can be used as a library for encrypting UDP traffic without running a VPN.
- TCP has structural issues like head-of-line blocking, connection state resets, and congestion control problems on lossy links.
- WireGuard's protocol is stateless, with no upfront connection establishment or session tracking.
- The WireGuardClient library is API-compatible with .NET's UdpClient and handles handshakes, key rotation, and message framing.
- WireGuard's stateless design makes it resilient for devices with intermittent connectivity.
- WireGuard can encrypt any byte array, not just IP datagrams, making it versatile for various applications.
- Proxylity's UDP Gateway supports WireGuard Listeners, enabling encrypted datagrams to be sent directly to destinations.
- The wg-client library is open-source under the MIT license and available on GitHub.
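
The points about ChaCha20-Poly1305 and encrypting any byte array can be made concrete with the protocol's transport-data message (type 4). The following is an added example, not code from the article or from the wg-client library. It uses Node's built-in `crypto` module, and the function names, key and payload are constructed for illustration. It skips the Noise handshake that would normally derive the session key and receiver index.

```javascript
// Added example: WireGuard transport-data framing around an arbitrary payload.
const crypto = require('node:crypto');

const TYPE_TRANSPORT = 4; // message type for transport data
const HEADER_LEN = 16;    // type(1) + reserved(3) + receiver index(4) + counter(8)
const TAG_LEN = 16;       // Poly1305 authentication tag

// AEAD nonce: 4 zero bytes followed by the 64-bit little-endian counter.
function nonceFor(counter) {
  const n = Buffer.alloc(12);
  n.writeBigUInt64LE(counter, 4);
  return n;
}

// Seal a payload into one datagram. The protocol zero-pads the plaintext to a
// multiple of 16 bytes, so a non-IP payload must carry its own length.
function sealTransport(key, receiverIndex, counter, payload) {
  const padded = Buffer.alloc(Math.ceil(payload.length / 16) * 16);
  payload.copy(padded);
  const header = Buffer.alloc(HEADER_LEN);
  header.writeUInt32LE(TYPE_TRANSPORT, 0); // type byte plus 3 reserved zero bytes
  header.writeUInt32LE(receiverIndex, 4);
  header.writeBigUInt64LE(counter, 8);
  const c = crypto.createCipheriv('chacha20-poly1305', key, nonceFor(counter), { authTagLength: TAG_LEN });
  return Buffer.concat([header, c.update(padded), c.final(), c.getAuthTag()]);
}

// Open a datagram. Returns null for malformed or unauthenticated input.
// A real receiver also rejects replayed counters, which is not shown here.
function openTransport(key, datagram) {
  if (datagram.length < HEADER_LEN + TAG_LEN) return null;
  if (datagram.readUInt32LE(0) !== TYPE_TRANSPORT) return null;
  const counter = datagram.readBigUInt64LE(8);
  const body = datagram.subarray(HEADER_LEN, datagram.length - TAG_LEN);
  const d = crypto.createDecipheriv('chacha20-poly1305', key, nonceFor(counter), { authTagLength: TAG_LEN });
  d.setAuthTag(datagram.subarray(datagram.length - TAG_LEN));
  try {
    return { receiverIndex: datagram.readUInt32LE(4), counter, padded: Buffer.concat([d.update(body), d.final()]) };
  } catch {
    return null; // tag mismatch: tampered bytes, wrong key, or altered counter
  }
}

// Constructed sample values (a real session key comes from the handshake).
const sampleKey = Buffer.alloc(32, 7);
const sampleDatagram = sealTransport(sampleKey, 0x1234, 0n, Buffer.from('sensor reading: 21.5C'));
```

The 21-byte sample payload comes back as 32 bytes of padded plaintext. With IP traffic the IP header's length field tells the receiver where the packet ends, so a caller sending other data needs a length prefix or similar framing of its own.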