[WireGuard] fastd comparison wireguard ?
Jason A. Donenfeld
Jason at zx2c4.com
Sat Jul 2 02:59:33 CEST 2016
Hi Jens,
I have read fastd, and I think it's a neat project. I thought it was
cool to see it using FHMQV-C; WireGuard is based on Noise, which in
turn was heavily influenced by the [F]HMQV family. Fastd is a lot more
complex than WireGuard, and does a lot more -- cipher agility, layer 2
-- things that WireGuard has deliberately left out. Fastd has also
been around longer, and they actually have a release >= 1.0 (18!),
whereas WireGuard is still in an unreleased experimental phase.
Generally fastd looks cool. I haven't audited their code thoroughly,
so I can't speak to the code quality, implementation security status,
or crypto particulars.
WireGuard will definitely be faster, by virtue of being in kernel
space and possibly other general performance improvements, and I think
you might benefit from the simplicity of WireGuard too. If you're
using OpenWRT, I think a package for there is in the works, and the
package maintainer will probably inform the list when it's ready. Keep
in mind that WireGuard is experimental, but if you would like to try
it out, I'd be very interested to learn your experience with it --
what worked, what didn't, the performance characteristics, and so
forth. We're a new project here, so feedback like that is very useful
for shaping our direction.
Keep me posted!
Jason
More information about the WireGuard
mailing list