US Senator Recommends Open-Source WireGuard To NIST For Government VPN
One of the additions we have been looking forward to seeing in the mainline Linux kernel in 2018 is WireGuard. WireGuard is the open-source, performance-minded, and secure VPN tunnel. WireGuard is designed to be run within the Linux kernel but has also been ported to other platforms.
WireGuard hasn't yet made it into the mainline Linux kernel, but it's looking like it still stands good chances of doing so in 2018. Curious about the state, I asked WireGuard's lead developer Jason Donenfeld this week. He informed me that he is in the process of preparing the patch(es) for review and that it won't hopefully be much longer before that happens. Of course, following the review process is when it could be integrated into the mainline Linux kernel at the next available merge window (he gave no explicit indication, but if it's to happen this year, that would mean Linux 4.19 or Linux 5.0).
Donenfeld has the WireGuard port for Android working now on all Android devices and can make use of the Linux kernel module if present. There are also macOS, FreeBSD, and OpenBSD ports in good shape.
Some of the general improvements to WireGuard recently include optimizations for the MIPS architecture that is common to many embedded devices as well as broader performance work. Donenfeld also has an in-progress Windows port of WireGuard.
It was also pointed out that WireGuard was endorsed by a US senator this week in a letter to the National Institute of Standards and Technology (NIST). That letter is encouraging the use of secure VPNs for the government rather than the existing choices of IPsec and OpenVPN. The senator, Oregon democrat Ron Wyden, specifically recommends "new open-source VPN technology like WireGuard...WireGuard is now being incorporated into the Linux operating system, a clear signal of its widespread support in the technology and security industries."
Wyden though just appears to be a lifelong politician without much technical experience, but an interesting endorsement anyhow for WireGuard.
Those wanting to learn more about WireGuard can do so at WireGuard.com.