A Performance Comparison of WireGuard and OpenVPN

Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI:10.1145/3374664.3379532

Steven Mackey, Ivan Mihov, A. Nosenko, F. Vega, Yuan Cheng

{"title":"A Performance Comparison of WireGuard and OpenVPN","authors":"Steven Mackey, Ivan Mihov, A. Nosenko, F. Vega, Yuan Cheng","doi":"10.1145/3374664.3379532","DOIUrl":null,"url":null,"abstract":"A fundamental problem that confronts virtual private network (VPN) applications is the overhead on throughput, ease of deployment and use, and overall utilization. WireGuard is a recently introduced light and secure cross-platform VPN application. It aims to simplify the process of setting up a secure connection while utilizing the multi-threading capability and minimizing the use of bandwidth. There have been several follow-up studies on WireGuard since its birth, most of which focus on the security analysis of the protocol. Despite the author's claim that WireGuard has impressive wins over OpenVPN and IPsec, there is no rigorous analysis of its performance to date. This paper presents a performance comparison of WireGuard and its main rival OpenVPN on various metrics. We construct an automated test framework and deploy it on a total of eight nodes, including remote AWS instances and local virtual machines. Our test results clearly show two main edges that WireGuard has over OpenVPN, its performance on multi-core machines and its light codebase.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3374664.3379532","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

A fundamental problem that confronts virtual private network (VPN) applications is the overhead on throughput, ease of deployment and use, and overall utilization. WireGuard is a recently introduced light and secure cross-platform VPN application. It aims to simplify the process of setting up a secure connection while utilizing the multi-threading capability and minimizing the use of bandwidth. There have been several follow-up studies on WireGuard since its birth, most of which focus on the security analysis of the protocol. Despite the author's claim that WireGuard has impressive wins over OpenVPN and IPsec, there is no rigorous analysis of its performance to date. This paper presents a performance comparison of WireGuard and its main rival OpenVPN on various metrics. We construct an automated test framework and deploy it on a total of eight nodes, including remote AWS instances and local virtual machines. Our test results clearly show two main edges that WireGuard has over OpenVPN, its performance on multi-core machines and its light codebase.

查看原文本刊更多论文

WireGuard与OpenVPN的性能比较

虚拟专用网(VPN)应用程序面临的一个基本问题是吞吐量、部署和使用的易用性以及总体利用率方面的开销。WireGuard是最近推出的一款轻量级、安全的跨平台VPN应用。它旨在简化建立安全连接的过程，同时利用多线程功能并最大限度地减少带宽的使用。自WireGuard诞生以来，已经有了一些后续的研究，大部分都集中在协议的安全分析上。尽管作者声称WireGuard在OpenVPN和IPsec方面取得了令人印象深刻的胜利，但迄今为止还没有对其性能进行严格的分析。本文介绍了WireGuard及其主要竞争对手OpenVPN在各种指标上的性能比较。我们构建了一个自动化测试框架，并将其部署在总共8个节点上，包括远程AWS实例和本地虚拟机。我们的测试结果清楚地显示了WireGuard相对于OpenVPN的两个主要优势，它在多核机器上的性能和轻量级代码库。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy

自引率

0.00%

发文量