Wireguard specifically was not designed for enterprise use, quite the opposite, and enterprise has to do quite a bit of wrapping around it to ensure keys are rotated and this is why tailscale has become so popular.
> Instead of reconstructing existing protocols, we built one from scratch. One that’s designed around what actually matters to you: security and performance.
Sigh.
AEGIS-256X2 can be hardware accelerated but its not really any stronger in the end than ChaCha20-Poly1305. The limitations of that hardware acceleration are not even felt in my experience on single-client connections, and its really the server where you see the pain.
Did surfshark just rewrite or vibe code wireguard with a new encryption algorithm?
Croftengea•1h ago
> Did surfshark just rewrite or vibe code wireguard with a new encryption algorithm?
Then it would be outright lie to say "We started with a clean slate."
panikal•1h ago
> Instead of reconstructing existing protocols, we built one from scratch. One that’s designed around what actually matters to you: security and performance.
Sigh.
AEGIS-256X2 can be hardware accelerated but its not really any stronger in the end than ChaCha20-Poly1305. The limitations of that hardware acceleration are not even felt in my experience on single-client connections, and its really the server where you see the pain.
Did surfshark just rewrite or vibe code wireguard with a new encryption algorithm?
Croftengea•1h ago
Then it would be outright lie to say "We started with a clean slate."