Probable Heresy ;-)

Peter Whisker peter.whisker at
Mon Nov 30 13:47:40 CET 2020


I expect to be shot down regarding this suggestion, but has there been 
any thought given to adding and optionally allowing enabing of lz4-v2 
compression of the plaintext payload before Wireguard encryption?

The reason I ask is that I was doing some tests recently and was 
horrified to find that OpenVPN with it's lz4-v2 switched on seriously 
outperformed Wireguard by about 50% in my test case. Obviously YMMV 
depending on the data stream.

I believe that lz4-v2 is very fast and has no overhead in incompressible 
packets. I realise that there have been some attacks on compressed 
encrypted data (eg the CRIME and BReACH attacks on TLS) but I don't know 
if they apply here.

Just wondering if there is a reason why it has not been done?



More information about the WireGuard mailing list