Surfshark announced that it has implemented support for the WireGuard protocol for its Windows and macOS desktop VPN clients, as well as its Android and iOS mobile apps. WireGuard is a relatively new open source VPN protocol created by Edge Security's Jason A. Donenfeld, which uses cutting-edge cryptography to provide users with the highest level of privacy, security, and speed. One of the main differences that sets WireGuard apart from existing VPN protocols is the fact that its code base contains fewer than 4.000 lines of code compared to OpenVPN's 400.000 lines of code. This makes it much easier for security researchers to search for vulnerabilities and other bugs, helping to protect VPN users online. WireGuard also encrypts user data using modern protocols and primitives, including ChaCha20 for symmetric encryption, Curve25519 for ECDH, Blake2s for hashing and key hashing, SipHash24 for key hashing, and HKDF for key derivation. The protocol also provides rotary keys for perfect transmission secrecy, as connection connections are made every few minutes.
Double NAT system
Although WireGuard has revolutionized the VPN industry with its excellent speed and performance, the new protocol is often criticized for its ability to protect user privacy. For this reason, Surfshark has implemented a dual network address translation (NAT) system to further protect the privacy of its users. While OpenVPN and IKEv2 assign IP addresses dynamically, WireGuard gives users the same static IP address every time they log in. Surfshark's Dual NAT system corrects this by assigning users a dynamic IP address each time they connect to any of their VPN servers using WireGuard. Since users are assigned a different IP address each time they log in, there is no incentive to store identifiable data on a server. With its dual NAT method implemented, Surfshark can offer its users the option of using a fast, modern and secure VPN protocol without compromising their privacy. The company's WireGuard implementation also complements its RAM-only server network that was completed earlier this year. To start using WireGuard with Surfshark apps and clients, users need to go to the settings menu and choose the new protocol when connecting to a VPN server.- Also check out our full list of the best VPN services.