WireGuard vs Lightway

Many popular VPN providers have implemented the newer, highly popular WireGuard protocol in recent years. This includes the likes of NordVPN, Surfshark, and CyberGhost. There are many reasons for WireGuard’s success but it particularly stands out for its fast speeds and high level of security. Despite this, ExpressVPN instead opts for its own protocol called Lightway.

In this post, we explain why WireGuard is being adopted by so many VPN services as well as why VPNs such as ExpressVPN prefer alternative VPN protocols. By putting WireGuard and Lightway side by side and comparing everything they have to offer, we hope to provide you with a clearer picture of which protocol is best or, at the very least, which best suits your needs.

WireGuard and Lightway history

Of these two VPN protocols, it was WireGuard that came first. It was initially released in 2015 and it was soon adopted by the likes of Mullvad (2017) and IVPN (2018). Since then, WireGuard has become much more widely supported. Many of our top rated VPNs have implemented the protocol into their services. We’ll explore the reasons for this further below but it’s considered to be a fast and lightweight protocol that’s easy to use while maintaining a high level of security.

ExpressVPN is a well established VPN which dates back to 2009. Its protocol of choice for many years was OpenVPN. While ExpressVPN has acknowledged WireGuard’s ease of deployment and speed, it has expressed reservations regarding security and privacy. Instead, ExpressVPN developed Lightway. Like WireGuard, it is open source and designed to resolve the aforementioned concerns ExpressVPN had regarding WireGuard.

WireGuard vs Lightway: Which is better?

Speed

We found the protocols offer comparable download speeds. ExpressVPN is faster than many Wireguard VPNs but slower than some.

It’s not easy to compare the speeds of WireGuard and Lightway because there are many contributing factors. The speeds you experience while using a VPN and a specific protocol can depend on the following:

  • Server location: The closer a server to your physical location, the faster your connection is likely to be.
  • Server load: Some servers have more users connected to them than others. Fortunately, some VPNs display the current load on each server.
  • Network bandwidth: Some ISPs and poor quality VPNs can throttle bandwidth. The best VPNs offer unlimited bandwidth however.

Taking the above into account, two users running the same protocol can still experience wildly different speeds at any given time. However, it’s fair to say that WireGuard and Lightway are considered to be fast VPN protocols that are highly suitable for even the most bandwidth-intensive activities including streaming and torrenting.

WireGuard, in particular, has a streamlined codebase. This consists of just 4,000 lines of code compared to the 70,000+ lines of code of OpenVPN. ExpressVPN states that Lighway has even fewer lines of code than WireGuard — around 2,000 in all. Less code helps make the protocols more efficient and easier to audit.

Related: Fastest VPNs

Security

WireGuard and Lightway are designed to provide strong security as data travels from your device to the VPN server. However, it’s important to note that a protocol’s security can depend on how it has been implemented, configured, and maintained by a VPN provider. It’s fair to say that ExpressVPN knows Lightway best as it built the protocol from the ground up.

Both WireGuard and Lightway use strong encryption algorithms to ensure the security of VPN communications. One key difference is that WireGuard uses ChaCha20 as its encryption method while Lightway uses AES-256. Both use 256-bit keys. While ChaCha20 is generally considered to be faster than AES-256 due to its simpler design, AES-256 is more widely adopted and has had more time to be tested for vulnerabilities than its younger counterpart.

The codebases of both WireGuard and Lighway are open-sourced and available to view online. Needless to say, this offers numerous advantages. Not only does it provide transparency and promote trust, it also allows for community-driven development, thanks to contributions and feedback from developers and users. This helps identify and fix bugs and add new features.

WireGuard and Lighway have short code bases at 4,000 and 2,000 lines respectively. As such, it’s easier to find and fix problems. Indeed, both protocols have been independently audited. WireGuard was audited by the NCC Group in 2018 and Lightway by Cure53 in 2020. The reports were positive and identified issues that were quickly addressed in both cases.

Ability to go undetected

A VPN allows you to bypass the restrictions of many different websites and services. These restrictions may be due to copyright and licensing as is often the case with TV shows and movies on streaming services. However, internet censorship is also an issue and in some countries, such as China, VPN blocking prevents VPNs from connecting.

WireGuard primarily uses the UDP transport protocol for communication. This is lightweight for faster transmission. Unfortunately, this is relatively easy for governments to block. Wireguard can be obfuscated but it does not contain any obfuscation features itself.

VPNs offer obfuscated connections that mask VPN traffic as regular web traffic. Obfuscation makes connections harder to detect and block. ExpressVPN does offer obfuscated servers, but they’re not labeled. Instead, obfuscation automatically kicks in when the VPN encounters restrictions on a network (such as if you’re in China).

Level of support

One of the key differences between WireGuard and Lightway is that WireGuard is supported by many VPNs on the market (and this number continues to grow). In contrast, Lightway is developed by ExpressVPN and only available via its VPN service.

WireGuard is natively supported in the Linux kernel and is also compatible with the following operating systems: Windows, Mac, Android, and iOS. Lightway is also available on all of the aforementioned operating systems. VPNs such as ExpressVPN have apps for these systems so you’ll be able to use the likes of WireGuard and Lightway to secure the communication of all of your devices.

An advantage of WireGuard is that it’s open source. This is beneficial in terms of its support because the wider community can actively contribute to its development and overall improvement. There’s no shortage of configuration guides and resources for developers and users alike.

Lightway is not fully open source, although its core codebase is. As such it has more limited community involvement and public documentation aside from what’s available to ExpressVPN users.

WireGuard vs Lightway conclusion

Whether you sign up with ExpressVPN and use Lightway or a rival VPN service that offers WireGuard, both offer fast connection speeds, strong security and privacy protection, and extensive support.

If you have your heart set on ExpressVPN, then you won’t be missing out by using Lightway instead of WireGuard. ExpressVPN has full control over its protocol and has been able to optimize it to fit their service. However, it’s not fully open-source and is only available with ExpressVPN.

While there’s not much to separate the two VPN protocols, we feel WireGuard is best due to the fact that it’s fully open source and has more extensive community support.You also have a lot more choice as to the VPN service you sign up with because it’s supported by so many providers.

WireGuard vs Lightway FAQ

Are there any free VPNs offer WireGuard or Lightway?

Only ExpressVPN offers Lightway, so you won’t be able to use the protocol via any free VPNs (although ExpressVPN does come with a 30-day money-back guarantee). Despite the fact that WireGuard has been added to so many VPN services, it’s not offered by many free VPN services. Regardless, we don’t recommend you use free VPNs anyway.

Free VPNs are likely to cause more problems than they solve. For starters, their poor speed will probably prevent you from streaming and torrenting. That’s because many free VPNs throttle user bandwidth. Furthermore, they tend to have very few servers. The high number of users on each server causes heavy load which can also result in slow speeds. Only a limited number of IP addresses makes it difficult to bypass content restrictions of streaming services too.

Using a protocol such as WireGuard with strong encryption should secure your internet traffic but if it’s not properly implemented by the VPN, your data may be at risk. It’s far safer to stick with established VPN services that have proven they can be trusted. The VPN should operate a no-logs policy. Note that many free VPNs keep logs — these logs may even identify you as a user. Some free VPNs sell these logs to third parties or may even share them with authorities.

Which VPN protocol is the fastest?

WireGuard is considered by many to be the fastest VPN protocol available. Indeed, many of the VPNs that make our list of the fastest VPNs use the popular protocol. Some of these VPNs saw major speed bumps when WireGuard was implemented (Surfshark’s speeds doubled).

It should be said that ExpressVPN is also one of the fastest VPNs we’ve tested despite the fact that it uses Lightway as opposed to WireGuard. Regardless of whether you use WireGuard or Lightway, you can expect connection speeds that are fast enough for streaming, torrenting, and online gaming. However, there are other factors to consider such as the distance between you and the VPN server, the current server load, and your own internet connection and ISP.

Which devices can I use WireGuard and Lightway on?

You can use WireGuard and Lightway on your desktop and mobile devices. Indeed, they’re both compatible with the following operating systems: Windows, Mac, Android, iOS and Linux. All you need to do is download the app that’s compatible with your device and then check in the VPN’s settings that you’ve got the WireGuard or Lightway protocol selected.

WireGuard can be configured to work with wireless routers, allowing you to secure as many devices as you like simultaneously. The likes of OpenWrt and DD-WRT support WireGuard, allowing you to manually configure a WireGuard connection on your wifi router. Lightway is available on routers that have been flashed with the ExpressVPN router firmware.

Setting up a WireGuard or Lightway connection on a compatible router means you’ll also be able to use the protocols on devices that don’t typically support VPN apps such as Smart TVs and games consoles.

Can I use WireGuard or Lightway on multiple devices simultaneously?

Most of the VPNs that offer the WireGuard protocol allow you to connect multiple devices simultaneously. In fact, the likes of Surfshark and IPVanish allow unlimited simultaneous connections per account. ExpressVPN lets you secure up to five devices at once, but it’s possible to protect all the devices on your local wi-fi network using ExpressVPN’s firmware for compatible routers.

Will using WireGuard or Lightway slow my internet speed?

Regardless of the VPN protocol you use, it’s quite common to experience slower internet speeds. The reason for this is that data is encrypted and routed to the VPN server before arriving at its destination (the website or service you’re accessing). 

While these extra steps in the process can result in slower speeds, the performance dip doesn’t have to be noticeable. That’s because WireGuard and Lightway are among the fastest VPN protocols you can use. If you combine this with a VPN that offers unlimited bandwidth, you should be able to continue browsing, streaming, and torrenting without any noticeable difference. In fact, if you currently suffer from ISP throttling, a VPN may actually improve your connection.