WireGuard VPN support moved into the Android kernel

Google has added code with built-in WireGuard VPN support to the main Android codebase. The WireGuard code was ported to the modified Linux 5.4 kernel being developed for the future Android 12 platform release, from the mainline Linux 5.6 kernel, into which WireGuard was originally accepted. Kernel-level WireGuard support is enabled by default.

Until now, the WireGuard developers have offered a mobile application for Android, which Google removed from the Google Play catalog because of a link to the donation page on the project's website, which violated the rules for accepting payments (donations are treated as invalid if they are not collected by a specially registered non-profit organization).

Recall that WireGuard VPN is built on modern encryption methods, delivers very high performance, is easy to use, is free of complications, and has proven itself in a number of large deployments that handle large volumes of traffic. The project has been in development since 2015 and has undergone an audit and formal verification of the encryption methods used. WireGuard uses the concept of encryption key routing, which involves binding a private key to each network interface and using public keys for the binding.
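The key routing idea described above can be modelled as a table that binds each peer's public key to the addresses that peer may use. This is an added example, not code from WireGuard or from the original article; the per-peer list of permitted address ranges, the class and method names, and the placeholder keys are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample peers: the public keys are placeholders, not real keys.
PEERS = {
    "PEER_A_PUBLIC_KEY": ["10.0.0.2/32", "192.168.10.0/24"],
    "PEER_B_PUBLIC_KEY": ["10.0.0.3/32", "192.168.0.0/16"],
}


class CryptokeyTable:
    """Hypothetical model: maps peer public keys to the IP ranges each may use."""

    def __init__(self, peers):
        self.routes = []  # list of (network, public_key)
        for key, cidrs in peers.items():
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr)
                # One range belongs to exactly one peer, otherwise the
                # key <-> address binding would be ambiguous.
                if any(net == n for n, _ in self.routes):
                    raise ValueError(f"{cidr} is already bound to a peer")
                self.routes.append((net, key))
        # Longest prefix first, so the most specific range wins.
        self.routes.sort(key=lambda r: r[0].prefixlen, reverse=True)

    def peer_for(self, ip):
        """Return the public key bound to ip, or None if no peer owns it."""
        addr = ipaddress.ip_address(ip)
        for net, key in self.routes:
            if addr.version == net.version and addr in net:
                return key
        return None

    def route_outgoing(self, dst_ip):
        """Outbound: the destination address selects the peer key to encrypt to."""
        return self.peer_for(dst_ip)

    def accept_incoming(self, sender_key, inner_src_ip):
        """Inbound: once a packet has authenticated under sender_key, keep it
        only if its inner source address is bound to that same key."""
        return self.peer_for(inner_src_ip) == sender_key


if __name__ == "__main__":
    table = CryptokeyTable(PEERS)
    print(table.route_outgoing("192.168.10.7"))
    print(table.accept_incoming("PEER_B_PUBLIC_KEY", "192.168.10.7"))
```

The inbound check is what makes the table act as an access list as well as a routing table: a peer that authenticates correctly still cannot send traffic from an address bound to a different key.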

The exchange of public keys to establish a connection is similar to SSH. To negotiate keys and connect without running a separate user-space daemon, the Noise_IK mechanism from the Noise Protocol Framework is used, similar to maintaining authorized_keys in SSH. Data is transmitted by encapsulation in UDP packets. Changing the IP address of the VPN server (roaming) is supported without breaking the connection, with automatic client reconfiguration.

For encryption, the ChaCha20 stream cipher and the Poly1305 message authentication algorithm (MAC) are used, designed by Daniel J. Bernstein, Tanja Lange and Peter Schwabe. ChaCha20 and Poly1305 are positioned as faster and more secure analogues of AES-256-CTR and HMAC, whose software implementation makes it possible to achieve a fixed execution time without special hardware support. To generate the shared secret key, the elliptic-curve Diffie-Hellman protocol is used in the Curve25519 implementation, also proposed by Daniel Bernstein. The BLAKE2s algorithm (RFC7693) is used for hashing.

Source: opennet.ru
