With the introduction of ExpressVPN’s new Lightway connection protocol, there are a lot of people – including me – who are wondering exactly how Lightway vs WireGuard vs OpenVPN compare. I’ve been testing each protocol for the past year, and here’s what I’ve learned.
So what is the difference between Lightway and Wireguard?
When first released, the code base for ExpressVPN’s Lightway protocol was closed sourced, but as promised ExpressVPN has now published the code as open source on Github. Anybody is able to check the security of the Lightway code and many security experts have done so.
It’s now easier to compare Lightway vs Wireguard and OpenVPN.
|est. 2020||est. 2016||est. 2001|
|Open Source||Open source||Open Source|
|ExpressVPN only||Widely available||Widely available|
|Efficient code base||Efficient code base||Bloated code|
|Battery saver||Battery saver||Battery Drain|
Practically speaking, what does all this mean as you’re using one of these VPN connection protocols to access the internet?
For the average use, you won’t feel much of a difference at all.
But a difference does exist, and there are good reasons why you might want to choose Lightway vs Wireguard or even stick with the standard OpenVPN protocol.
Note: Some of the links in this article are affiliate links, which means that at no extra cost to you, I may be compensated if you choose to use one of the services listed.
Benefits of WireGuard and Lightway
Let’s get one thing straight: Lightway and Wireguard have more in common than they do differences.
This is one reason why ExpressVPN has had to work hard to market Lightway as a completely separate (and, in their opinion, better) protocol.
Most people, including me, are getting confused by the two.
One reason for this is that other commercial virtual private networks have integrated WireGuard into their software and simply renamed it. An example of this is how NordVPN now offers NordLynx, which is their version of WireGuard.
Another reason is that both WireGuard and Lightway boast the same benefits, which include:
- Modern Encryption Architectures: Although Lightway uses wolfSSL and WireGuard uses ChaCha20 (among others), both VPN protocols are using modern encryption algorithms that increase the level of privacy and security for users. OpenVPN is still secure, but it’s getting dated.
- Lightweight Code Base: Compared to older VPN protocols, both Lightway and Wireguard feature significantly cleaner code. I’ve already covered this in my overview of Wireguard, but these protocols offer a 90% reduction in lines of code over OpenVPN. This translates into faster loading, easier setup and, most importantly…
- Faster Speeds: The simpler code and better design allow for more efficient speeds. I’ve seen this personally when using WireGuard, particular in the time it takes to actually connect to the server (almost instantaneously).
- Stable Connection: One of the most welcome benefits of these new protocols is the stability of the connection. They can jump between networks (i.e. from your home WiFi to the cellular network) without the same difficulty that OpenVPN and other protocols have historically had.
That’s a bit of what makes them the same, and before we move into the differences, take a few minutes to watch this video explanation.
WireGuard vs Lightway | Primary Differences
During my tests, I noticed very little difference in how WireGuard and Lightway performed. They’re both an improvement over the older protocols, but the similarities are easier to see.
Differences do exist, though.
Differences in Encryption Libraries
As I mentioned above, Lightway uses wolfSSL encryption library while WireGuard uses the Noise protocol framework with the ChaCha20 cipher. Both of these are modern, high-quality encryption frameworks that emphasize speed, efficiency and portability.
But as far as the average person is concerned, it feels exactly the same. As long as ExpressVPN’s Lightway stands up to independent, third-party audits (which it has), I don’t believe that one encryption library should be considered better than another.
Differences in the Development Process
The biggest and most important difference between Lightway and Wireguard is how it was developed.
WireGuard was developed on an open source platform over the past few years, similar to OpenVPN, and has been subject to public scrutiny. Because it is open source, it can be updated, improved and implemented across many different VPN services.
Lightway, by contrast, has been developed as a proprietary protocol for ExpressVPN. It has been coded in private and tested in beta. The code has now been released as open-source on Github, but it took them a couple years before they made good on this promise to release the code.
I’m not here to say that one method is better than the other – there has been a lot of good software that has been developed privately and plenty of crappy software that has open source code.
This does mean that, at least for the time being, Lightway will only be available through ExpressVPN.
In other words, you’ll need to have a subscription to ExpressVPN in order to take advantage of Lightway.
On the other side, there are a growing number of VPNs that offer WireGuard as an option.
Which is Better? Lightway or WireGuard?
Which is better…Lightway or Wireguard?
Or should you stick with OpenVPN?
The honest truth is that they feel the same, but we won’t really know the answer to that question until ExpressVPN opens up the source code for scrutiny.
Anybody who tells you differently at this point is either working for ExpressVPN or they’re blowing smoke.
The good news for you, as a VPN user, whether you go with ExpressVPN, you choose a WireGuard VPN like NordVPN or even if you stick with your current OpenVPN service, security and speed are being improved.
And that’s a very good thing.
Be sure to subscribe to the All Things Secured YouTube channel!
Wireguard on Android doesn’t have a battery saver feature like OpenVPN …. I hope you can try both applications on your favorite smartphone … Reviews all over the internet are full of falsehoods ….. the truth is yours who dares to try …
Josh Summers says
Saving battery life is not a “feature” as much as it’s a characteristic of the protocol. It’s much lighter and the connection much more efficient, so by nature it uses less energy than OpenVPN. I’m not sure how that’s a falsehood or dependent upon which phone you use?
Wireguard isn’t as secure as they would like you to believe. Wireguard REQUIRES logging in order to function. Your IP address is part of that log. just something to consider if you choose Wireguard.
Josh Summers says
I believe that you’re referring to privacy, not security here. And it requires logging on the server side. So if you set up your own server, that’s not a problem, and for those services that have integrated Wireguard, that’s up to them how they deal with that logging.