WireGuard vs OpenVPN: Protocols Compared
WireGuard and OpenVPN are the two protocols most commonly offered by consumer VPN services. This article compares them across cryptographic design, performance, code size, platform compatibility, and operational characteristics — the dimensions that affect how a service actually behaves in production.
Background on Both Protocols
OpenVPN was released in 2001 and has become a de facto standard in commercial VPN deployments. It is an open-source project written in C, runs in user space, and uses the OpenSSL or mbedTLS libraries for cryptographic operations. Its longevity and flexibility have produced an extensive feature set and a wide range of supported configurations.
WireGuard is considerably newer. The protocol was first published in 2016 and merged into the Linux kernel in 2020. It was designed explicitly to be simpler than its predecessors, with a smaller code footprint, a constrained set of modern cryptographic primitives, and a kernel-resident implementation on platforms that support it. The author of the protocol, Jason A. Donenfeld, framed the design goals around verifiability and performance rather than configurability.
Cryptographic Design
The two protocols differ substantially in how they approach cryptography. WireGuard ships with a fixed set of algorithms; OpenVPN allows the operator to choose from many.
WireGuard's Fixed Suite
WireGuard uses a single cipher suite based on modern primitives. The components are ChaCha20 for encryption, Poly1305 for authentication, Curve25519 for key exchange, BLAKE2s for hashing, and SipHash24 for load balancing. The Noise Protocol Framework provides the handshake.
Fixing the suite has two consequences. First, it eliminates protocol negotiation, which historically has been a source of downgrade attacks in TLS-based protocols. Second, it means that upgrading cryptography requires a protocol version bump rather than a configuration change.
OpenVPN's Configurability
OpenVPN supports many cipher choices through its underlying TLS library. Common configurations include AES-256-GCM for encryption, SHA256 for authentication, and ECDH for key exchange. Older OpenVPN deployments may use BF-CBC or AES-CBC with HMAC, which are considerably weaker by modern standards.
The flexibility allows OpenVPN to support legacy clients, but it also means a configuration audit is required to confirm a particular deployment is using strong settings.
Performance Characteristics
WireGuard generally outperforms OpenVPN on the same hardware. Two factors account for most of the difference.
First, WireGuard runs in the kernel on Linux, macOS, and Windows, which avoids the overhead of moving every packet between kernel and user space. OpenVPN's user-space implementation is portable but incurs a context-switch cost per packet.
Second, ChaCha20-Poly1305 is well suited to processors that lack dedicated AES instructions, which is common on ARM-based mobile devices. OpenVPN typically uses AES, which is faster on hardware with AES-NI but slower elsewhere.
In practical terms, WireGuard often achieves higher throughput, lower latency, and reduced CPU utilization compared to OpenVPN on consumer-grade devices. Battery impact on mobile devices is also typically lower.
Code Size and Audit Surface
The size of a codebase correlates loosely with the effort required to audit it for vulnerabilities. WireGuard's reference implementation consists of approximately four thousand lines of code. The Linux kernel implementation is comparable.
OpenVPN, by contrast, comprises roughly seventy thousand lines and depends on a TLS library — OpenSSL or mbedTLS — that adds several hundred thousand additional lines of code to the trust boundary. The size difference does not, on its own, indicate that WireGuard is more secure, but it does affect how thoroughly the implementation can be reviewed.
Platform Compatibility
Both protocols are widely supported. WireGuard has official implementations for Linux (kernel and user-space), Windows, macOS, iOS, Android, FreeBSD, and OpenBSD. iOS support, in particular, is well-integrated through the iOS Network Extension framework.
OpenVPN is available on essentially every platform, including older systems where WireGuard has not been ported. Many corporate networks use OpenVPN for compatibility with legacy infrastructure.
For new deployments on modern operating systems, WireGuard is the more straightforward choice. For environments that require broad compatibility — including legacy systems, embedded devices, or certain enterprise products — OpenVPN remains relevant.
Configuration Model
WireGuard's configuration model is intentionally minimal. Each peer has a public-key identity and a list of allowed IPs. There is no user-level authentication, no session state on the server, and no keepalive negotiation. The protocol relies on cryptographic identity rather than usernames and passwords.
OpenVPN supports a more flexible authentication model. Certificate- based authentication, username and password authentication, and two-factor authentication are all available. This flexibility is useful in enterprise environments where authentication is integrated with directory services.
For consumer VPN services, where users do not need to be identified to one another, WireGuard's simpler model is generally sufficient.
When to Use Each
The choice between protocols depends on the constraints of the deployment.
- WireGuard is preferable when performance, code simplicity, and modern cryptography are priorities; when the target platforms have native support; and when the deployment can accept a fixed cipher suite.
- OpenVPN is preferable when compatibility with legacy systems is required; when integration with enterprise authentication is needed; or when the deployment must traverse networks that restrict UDP traffic (OpenVPN supports TCP fallback; WireGuard does not).
Many modern consumer VPN services offer both protocols and allow the user to choose. Snap VPN, by contrast, uses WireGuard exclusively, integrated through the iOS Network Extension framework. The decision reflects the design principle of reducing the implementation surface to what is necessary for the target platform.
For an overview of how VPNs work in general, see our introduction to VPNs. For practical setup on iPhone, see the iOS configuration guide.