BitCoin Icon

Wireguard VPN

WireGuard® offers a lightning fast VPN connection with very zero-to-nothing overhead and maintains security with state-of-the-art cryptography. It has the potential to offer a simpler, more secure, more efficient, and easier to use VPN over existing technologies.

Download Astrill VPN now
Planet
Shuttle
Wireguard vpn

WireGuard's connect times seem downright magical.

Standard VPN protocols such as OpenVPN or IPSec have a slow and complex handshake process. This is mainly because of so many configuration options that both client and server have to agree on. WireGuard relies on crypto versioning. If a devastating cryptographic attack against one of WireGuard's underlying primitives is discovered, a new WireGuard protocol will be devised as a total package.

After such an update, a WireGuard client and WireGuard server would simply need to say "let's use v2.0 instead of v1.0!" and be off to the races. (This is in contrast to a crypto agile negotiation, in which client and server must negotiate and agree on every single primitive and key length, piece by piece.) Once an admin is certain all of their clients have been updated to support the new protocol, they could simply disable the 1.0 protocol at the server and be done with it.

  • ChaCha20 for symmetric encryption, authenticated with Poly1305

  • using RFC7539's AEAD construction

  • Curve25519 for ECDH

  • BLAKE2s for hashing and keyed hashing, described in RFC7693

  • SipHash24 for hashtable keys

  • HKDF for key derivation, as described in RFC5869

Resilient VPN connection for roaming

WireGuard is built for roaming. If your device changes networks, e.g. from WiFi to a mobile/cellular, the connection will persist because as long as the client sends correctly authenticated data to our WireGuard VPN server, the server keeps the connection alive. Never get disconnected from VPN ever again!

Wireguard VPN roaming

What are the advantages of a smaller code base?

WireGuard has been designed with ease-of-implementation and simplicity in mind. Its current codebase is under 4,000 lines of code. Compared to its alternative predecessors like Swan/IPsec (400,000+ lines) or OpenVPN/OpenSSL (600,000+ lines), in which auditing the gigantic codebases is an overwhelming task even for large teams of security experts, Wireguard supercedes all of them.

Many devices

Easier to audit

OpenVPN would take a large team many days to audit. WireGuard is reviewable by single individuals

Wireguard audit

Easier to find vulnerabilities

Easier audit = easier to find vulnerabilities, which helps keep WireGuard secure

VPN sniffer

Smaller attack surface

Much smaller attack surface in comparison to OpenVPN and IPSec

Small business

Better performance

Cleaner code always makes better performing programs. Wireguard is fast and reliable

Easily get up and running

We have implemented Wireguard support into our desktop application. To get connected with Wireguard, follow these simple steps:
1
placeholder
Download and install

Download and install Astrill VPN application for your platform

2
placeholder
Log in

Enter your e-mail and password and click on log-in button

3
placeholder
Pick server and connect

Choose from hundreds of servers and connect with one click

Don't believe us it's that easy? Check out our video showing in detail how to surf on-line protected with Astrill's Wireguard technology in a matter of seconds

비디오 보기

지원되는 플랫폼

Astrill Wireguard VPN currently works on
윈도우 윈도우
macOS macOS
리눅스 리눅스
Download Astrill VPN now WARNING: The WireGuard protocol is currently under heavy development and should be considered experimental. At this time we do not recommend using WireGuard except for testing or in situations where security is not critical. We welcome all customers to begin testing and send us feedback via e-mail or via live chat. Remember, we are here 24/7 for you! "WireGuard" and the "WireGuard" logo are registered trademarks of Jason A. Donenfeld.