WolfGuard: WireGuard with FIPS 140-3 cryptography
789c789c789c
84 points
60 comments
March 24, 2026
Related Discussions
Found 5 related stories in 44.8ms across 3,471 title embeddings via pgvector HNSW
- WireGuard Is Two Things mlhpdx · 17 pts · March 12, 2026 · 61% similar
- WolfIP: Lightweight TCP/IP stack with no dynamic memory allocations 789c789c789c · 114 pts · March 12, 2026 · 50% similar
- Show HN: Mtproto.zig – High-performance Telegram proxy with DPI evasion slp3r · 12 pts · April 03, 2026 · 44% similar
- PIGuard: Prompt Injection Guardrail via Mitigating Overdefense for Free mettamage · 11 pts · April 03, 2026 · 42% similar
- Jami – free/libre, end-to-end encrypted, and private communication software smartmic · 35 pts · March 31, 2026 · 42% similar
Discussion Highlights (12 comments)
AaronFriel
The conventional wisdom in cryptography is that if you don't know you need FIPS, if you don't have paper and a dollar figure telling you how much you need it, you don't need or want FIPS.
elevation
Wireguard exemplifies the superiority of a qualified independent developer over the fractal layers of ossified cruft that you get from industry efforts and compliance STIGS. So it feels wrong to see wireguard adapted for compliance purposes. If compliance orgs want superior technology, let their standards bodies approve/adopt wireguard without modifying it.
pphysch
Can't you also get FIPS 140-3 WireGuard by compiling wireguard-go with the new native FIPS support in Go?
PunchyHamster
So a step backward in security ?
usui
I know software developers complain about forced compliance due to the security theatre aspects, but I would like to charitably ask from someone who has technical understanding of FIPS-compliant cryptography. Are there any actual security advantages on technical grounds for making WireGuard FIPS-compliant? Assume the goal is not to appease pencil pushers. I really want to know if this kind of effort has technical gains.
coppsilgold
It's unfortunate that WireGuard doesn't include a switch that if both sides agree the crypto in use would be AES and SHA256. Not due to FIPS compliance but performance and power savings. I never once used WireGuard on hardware that didn't have AES and SHA intrinsics, all that battery wasted.
gte525u
Are there benchmarks available to compare vanilla wireguard to fips wireguard?
cookiengineer
> XChaCha20-Poly1305 replaced with AES-256-GCM What could possibly go wrong? It's not like every CTF ever designed has a block cipher or counter mode challenge. /s If the project wasn't done by WolfSSL, I would have assumed it's a trolling attempt to mock FIPS requirements. But it's not, and that's the problem.
kittikitti
This is a great project, thanks for sharing. I'll be following the repository even though I don't plan on changing any of my WireGuard deployments.
gormami
For all those saying that FIPS is a step backwards in crypto, you are right, the standards always lag the state of the art. That said, CMMC is coming into it's own in the US MilGov space, and a LOT of small businesses need to be CMMC compliant, which requires FIPS certified crypto. So having an open sourced FIPS compliant option is a good thing for them. Good on WolfSSL for helping out that space.
MrDrMcCoy
How will this avoid trademark issues with WireGuard?
poemxo
I wish they would just add ChaCha20-Poly1305 and Blake2 to FIPS, instead of ushering in the era of WireGuard forks.