About
Get NymVPN
Announcements

NymVPN Fast Mode now powered by WireGuard

Author: Marc Debizet
6 mins read
VPN-2.svg

A important milestone in the development of NymVPN has been reached: the app’s Fast Mode is now integrated with the highly esteemed WireGuard protocol on most operating systems and devices. NymVPN Beta testers can now see how fast decentralization can be thanks to state of the art encryption. Get your immediate credential now to try it!

Please note that Windows compatibility is still in test mode and will be released soon, so stay tuned.

Within a single app, users can now customize their own VPN experience: choose either maximal privacy through the Nym mixnet or very fast yet still highly secure connections thanks to WireGuard.

So what is WireGuard exactly, and why does it make such a big difference for NymVPN users benefiting from decentralization as a default?

What is WireGuard?

WireGuard is a communications protocol that takes care of the encrypted routing for a Virtual Private Network (VPN). It first ensures that the content of VPN users’ traffic is protected by state-of-the-art encryption. Your data is then relayed quickly and securely across WireGuard configured servers (2 with NymVPN) before arriving at its final destination on the public web.

It’s not the only VPN protocol available, but it is one of the most efficient (with a remarkably small data overhead) and the fastest by a long shot. Learn more about WireGuard and how it compares to its biggest competitor.

Why is WireGuard important?

WireGuard is a game-changing resource when it comes to decentralized VPN networks like that which powers NymVPN’s Fast Mode. Decentralized, multi-hop routing is essential for genuine privacy online, but it can be notoriously slow (as users of Tor know all too well). By making the encrypted routing procedures highly efficient, WireGuard gives NymVPN users serious privacy protections with much less latency.

WireGuard on NymVPN

NymVPN modes

NymVPN has two modes: a highly private Anonymous Mode with 5 nodes (i.e., proxy servers or hops) in the Nym mixnet, and a Fast Mode with 2-hops. The WireGuard protocol facilitates traffic through the Fast Mode, while traffic set to use the mixnet mode will use the Sphinx encryption protocol, which is designed specifically to handle mixnet traffic.

WireGuard tunneled encryption

WireGuard is not designed specifically for decentralized, multi-hop routing. Nym has thus adapted the WireGuard protocol to speed up its Fast Mode. The result is a tunneled encryption protocol to secure user traffic, both in terms of the contents and metadata of communications. As user traffic leaves the client, it should have three layers of encryption.

  1. The first layer of encryption corresponds with a decryption key possessed solely by the entry gateway. When decrypted, this server will only be able to see the IP address of the next server to forward user traffic. This means that while the entry gateway can see a users’ IP address, they cannot link it to its final destination on the web.

  2. The second layer of encryption corresponds with the key possessed solely by the Exit Gateway. When decrypted, this server will only see the IP address of the final destination on the web and that of the Entry Gateway. They will not be able to link the IP of the user with their final destination.

  3. The third layer of encryption should be established between the user and their destination on the web (such as HTTPS or TLS-SSL encryption protocols common for all traffic by default on the web).

With this unique tunneled encryption in place, users’ traffic will remain unlinkable to them, and no intermediary server on the route will have access to the encrypted content that they handle except the designated recipient.

NymVPN benefits

Any other generic 2-hop VPN – such as decentralized VPNs (dVPNs) or double VPN modes – will still be slow if the routing technology facilitating it is sub-par. But with the power of WireGuard now behind it, NymVPN users can benefit from connection speeds with which other dVPNs struggle while still having more privacy protections than any centralized VPN can provide.

Implementing WireGuard

While any client can download and run WireGuard, doing so securely on a decentralized network of servers is more complicated. The Nym team has been hard at work in making sure it works seamlessly. Here are the implementation steps:

  • Configuring the WireGuard servers. All servers on the multi-server network need to be first configured to use the WireGuard software, and must have public and private keys generated.

  • Configuring the WireGuard clients. The NymVPN app on the client side must be configured to generate public and private keys so it can connect the client’s device with the designated relay servers.

  • Connecting WireGuard Client with Servers. When these configuration steps are completed, encrypted data can then be sent from the client via WireGuard through the Nym network to a designated recipient. Only the latter will be able to decrypt the cleartext data.

  • Securing WireGuard network. Additional security measures are necessary to secure any network, and one using WireGuard is no different. This includes guarding against DNS leaks, which requires weeks of testing and managing DNS servers and connections. Protections for these leaks are currently being addressed by the Nym dev team.

Thankfully for users, benefiting from WireGuard requires only one click in the NymVPN app to choose which routing method you would like to use. The Nym team has taken care of the rest.

Customize your privacy needs

Decentralized VPN technologies are a significant advancement in protecting user privacy. But they typically come with tradeoffs in speed and connection reliability. Thanks to open-source technology like WireGuard, NymVPN is able to give users a meaningful choice in managing their own privacy online. Choose when you need maximal protection with the Anonymous Mode, and when you need extra speed without compromising your privacy.

If you haven't already, try out NymVPN Beta today and see how it works!

And if you’re curious about how the Anonymous Mode provides the most technologically sophisticated privacy protections currently available, read more about why you’d want to use it and a step-by-step guide to how it handles your data to anonymize it.

Share

Table of Contents

Keep Reading...

VPN-2.svg
Privacy

What is Wireguard VPN & how does it work?

How the fastest VPN encryption protocol available works

11 mins read
Privacy-1.svg
Privacy

WireGuard vs. OpenVPN

What makes them different, and which encryption protocol is the best?

14 mins read
Tutorials-1.svg
Privacy

Encryption & data protection (all you need to know)

Explore how different types of VPNs use encryption to protect your data and privacy

15 mins read
NymWorld-1.svg
Network

Nym’s zero-knowledge network: No logging promises needed

Turning a VPN no log’s policy into a network design and guarantee

10 mins read
VPN-screen.svg

INTRODUCING NYMVPN

Advanced privacy built for the age of AI

TRY FREE FOR 30 DAYS
Artboard 1.svg