WireGuard VPN FAQs: Difference between revisions
From Edge Threat Management Wiki - Arista
Jump to navigationJump to search
(Created page with "Category:FAQs === How resilient is a WireGuard connection? === WireGuard is built for roaming. If your device changes networks, e.g. from WiFi to a mobile/cellular, the c...") |
mNo edit summary |
||
| Line 2: | Line 2: | ||
=== How resilient is a WireGuard connection? === | === How resilient is a WireGuard connection? === | ||
WireGuard is built for roaming. If your device changes networks, e.g. from WiFi to a mobile/cellular, the connection will persist because as long as the client sends correctly authenticated data to | WireGuard is built for roaming. If your device changes networks, e.g. from WiFi to a mobile/cellular, the connection will persist because as long as the client sends correctly authenticated data to the WireGuard VPN server, the server keeps the connection alive. | ||
=== What cryptography is used in WireGuard? === | === What cryptography is used in WireGuard? === | ||
Revision as of 21:52, 13 May 2020
How resilient is a WireGuard connection?
WireGuard is built for roaming. If your device changes networks, e.g. from WiFi to a mobile/cellular, the connection will persist because as long as the client sends correctly authenticated data to the WireGuard VPN server, the server keeps the connection alive.
What cryptography is used in WireGuard?
ChaCha20 for symmetric encryption, authenticated with Poly1305, using RFC7539's AEAD construction Curve25519 for ECDH BLAKE2s for hashing and keyed hashing, as described in RFC7693 SipHash24 for hashtable keys HKDF for key derivation, as described in RFC5869 Noise_IK handshake from Noise, building on the work of CurveCP, NaCL, KEA+, SIGMA, FHMQV, and HOMQV All packets are sent over UDP
