WireGuard-AES: Hardware based encryption to WireGuard for VPN gateways

Bibliographic Details
Main Authors: M.F. Yuce, O. Keskin, E. Yerlikaya, M.Y. Akmaz, A. Kirca, D. Yiltas-Kaplan, M.A. Erturk, Z. Gurkas-Aydin, Ö.C. Turna, M.T. Buyukakkaslar, Ş. Durukan-Odabaşı, M.A. Aydin
Format: Article
Language: English
Published: Elsevier 2025-09-01
Series: SoftwareX
Online Access: http://www.sciencedirect.com/science/article/pii/S2352711025002808
Description
Summary: WireGuard is a high-performance virtual private network (VPN) implemented in the Linux kernel, known for its speed and software-based encryption. However, it struggles as a VPN gateway (VPNGW) due to reduced throughput when multiple clients connect—especially in software-defined networks (SDNs), where hardware encryption support is underutilized. This study introduces a novel WireGuard implementation using Advanced Encryption Standard (AES) encryption, leveraging hardware support to improve performance. Kernel-based AES boosts throughput by 11%, reduces retransmissions by 5.5%, and lowers central processing unit (CPU) usage by at least 2% (with 95% confidence interval). User-space AES achieves up to 19% higher throughput on modern CPUs, paving the way for increased speeds and better efficiency with larger maximum transmission units (MTUs).
ISSN: 2352-7110