| ▲ | coppsilgold 4 hours ago | |||||||
It's unfortunate that WireGuard doesn't include a switch that if both sides agree the crypto in use would be AES and SHA256. Not due to FIPS compliance but performance and power savings. I never once used WireGuard on hardware that didn't have AES and SHA intrinsics, all that battery wasted. | ||||||||
| ▲ | smashed an hour ago | parent | next [-] | |||||||
This is addressed on the known issues page [1]. Basically it does not need dedicated hw acceleration because it can use generic vector instructions to reach similar speeds. I wonder how true that is though. [1]: https://www.wireguard.com/known-limitations/#:~:text=WireGua... | ||||||||
| ▲ | tptacek 3 hours ago | parent | prev [-] | |||||||
A core part of the security design of WireGuard is not negotiating cryptography. | ||||||||
| ||||||||