making mass surveillance ineffective

[labbe5]

https://www.mullvad.net/blog/2017/9/27/ ... rd-future/

Looking back on the development of VPN technology, it is clear that WireGuard has joined the ranks as a game changer.

Further reading :
https://research.kudelskisecurity.com/2 ... odern-vpn/

WireGuard is a network tunnel (VPN) for IPv4 and IPv6 that uses UDP. Currently most of the code resides in the Linux kernel but cross platform implementations are under way. WireGuard features an authentication scheme similar to that of SSH, whereby the VPN server and each client have their own asymmetric key pair. Authorizing a new client is as simple as adding their public key in the server configuration file. Note that WireGuard can be configured to use pre-shared keys as an additional layer of security on top of the existing asymmetric keys. This is optional but improves post-quantum resistance.

WireGuard is also the fastest VPN around (see the benchmarks) exceeding the performance of OpenVPN in throughput tests. It is stealthy and silent since it doesn’t send a reply to unauthenticated messages, making it hard to be discovered by network scanners. Moreover it provides perfect forward secrecy.