A closer look at this popular VPN encryption protocol

Once the realm of the tech elite, VPN software has increasingly been used by the tech masses. This trend has most recently been driven by ISPs selling browsing histories in the US – and therefore, in effect, the user’s privacy – to the highest bidder to facilitate targeted advertising.

With access to robust VPN platforms, users can more closely guard their online privacy, and access other benefits like a better level of security when using public Wi-Fi.

The main pillars of a VPN are security and privacy, and these services use an encrypted tunnel to transmit your data online, with many benefits therein as we’ve previously discussed. When configuring a VPN, there are several choices for encryption protocols which can be used, and among these, one of the more popular options is currently OpenVPN.

Roots of OpenVPN
The OpenVPN project was founded by James Yonan, and was initially released back in 2002. Yonan had a background in software development for the original IBM PC, as well as financial trading. He is still involved with the project, and serves as the co-founder of the company, as well as the CTO of OpenVPN Technologies.

One of the reasons OpenVPN is popular is the fact that it supports all the major operating systems, including the expected desktop platforms of Windows, macOS and Linux, as well as the mobile platforms of Android and iOS. It also supports the less common platforms of FreeBSD, QNX, Solaris, Maemo, and Windows Mobile.

The whole point of a VPN security protocol is to provide a high level of security, and OpenVPN excels at this. It features up to 256-bit encryption via OpenSSL, a widely deployed software library used to secure communications across networks. OpenSSL supports conventional encryption in Static Key Mode via pre-shared keys (PSK), and also public key security via client and server certificates. OpenVPN not only features state-of-the-art security, but is also highly adaptable via third-party software.

In fact, there are commercial OpenVPN providers that take the OpenVPN protocol, and turn it into a VPN client for their users. An example of this is PrivateTunnel, a branded VPN that comes directly from the folks at OpenVPN, including James Yonan, who is also a founder of PrivateTunnel (and its CTO).

At the other end of the spectrum, there are also vendor-neutral OpenVPN clients, such as SecurePoint SSL VPN Client, and OpenVPN MI GUI, both of which are available as free software, although only the former is open source.

TCP and UDP
When transmitting data, OpenVPN can use one of two transport protocols: TCP or UDP. The Transmission Control Protocol (TCP) is the more commonly used of the two. It is designed for high reliability, as it includes error correction, and is known as a ‘stateful’ protocol. Each time a packet gets sent with TCP, the sender awaits confirmation before sending the next packet, but this transmission overhead slows the connection down.

This frequently translates into higher latencies, generally speaking, although this is variable and dependent on server and client locations.

An alternative protocol that OpenVPN can also employ is UDP, or User Datagram Protocol. Here the communication between the computer and server is much faster, but at the expense of reliability. The data is just sent without waiting for any confirmation, and no data gets retransmitted if it is not received, which is why this is known as a ‘stateless’ protocol.

With a lighter transmission overhead, latency is improved, and it makes sense that UDP gets used for more latency-sensitive applications such as video streaming and online gaming.
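The transport choice above and the static-key versus certificate modes mentioned earlier both appear as directives in an OpenVPN configuration file. The Python below is an added example, not code from this article or from the OpenVPN project; it classifies a config by transport, key mode and cipher key size. The two sample configs, the host name and the file names are constructed, and comment handling is simplified.

```python
import re

# Constructed sample configs (not from the article); host and file names are placeholders.
STATIC_KEY_CONF = """\
# point-to-point link with a pre-shared key
dev tun
proto tcp-client
remote vpn.example.net 443
secret static.key
cipher AES-128-CBC
"""
CERT_CONF = """\
client
dev tun
remote vpn.example.net 1194
cipher AES-256-GCM
<ca>
(placeholder certificate body)
</ca>
cert client.crt
key client.key
"""

def audit(conf_text):
    """Classify an OpenVPN config by transport, key mode and cipher key size."""
    opts, inline = {}, None
    for raw in conf_text.splitlines():
        line = re.split(r"[#;]", raw, 1)[0].strip()   # simplified: '#' or ';' starts a comment
        if inline:                                    # inside an inline <tag> ... </tag> block
            if line == f"</{inline}>":
                inline = None
            continue
        m = re.fullmatch(r"<([\w-]+)>", line)
        if m:                                         # inline file: treat the directive as set
            inline = m.group(1)
            opts[inline] = ["[inline]"]
        elif line:
            name, *args = line.split()
            opts[name] = args
    proto = opts.get("proto", ["udp"])[0]             # no proto line means UDP
    if "secret" in opts:
        mode = "static-key"                           # pre-shared key (PSK)
    elif all(k in opts for k in ("ca", "cert", "key")) or "pkcs12" in opts:
        mode = "certificates"                         # public key mode
    else:
        mode = "unknown"
    bits = re.search(r"-(\d{3})-", opts.get("cipher", [""])[0])
    return {"transport": "tcp" if proto.startswith("tcp") else "udp",
            "key_mode": mode,
            "cipher_bits": int(bits.group(1)) if bits else None}
```

A result with `key_mode` of `static-key` or `cipher_bits` below 256 marks a config that does not use the certificate-based, 256-bit setup described above.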

Bypass benefits
A common use for any VPN is to bypass a firewall, whether at an office or in a restrictive foreign country, with the most commonly cited example of the latter being China with its ‘Great Firewall’.

Of all the VPN encryption protocols, OpenVPN is considered particularly strong here, as it can help to circumvent the Deep Packet Inspection (DPI) that these countries use. DPI is a monitoring technology that inspects the traffic passing through it in real-time, but OpenVPN can be adapted to cloak traffic (although the process is somewhat involved).

Another strength of OpenVPN, unlike other VPN encryption protocols, is that it is open source. Other mainstream protocols are owned by major internet giants, including PPTP and SSTP which are from Microsoft, and L2TP which is from Cisco.

OpenVPN benefits from having open source code that is freely available for modification and development, and community support to facilitate this. The entire source code for the latest version of OpenVPN, 2.4.4 (as well as older versions), was released in September 2017 and is available for download. Users are also encouraged to file bug reports so developers can continue to improve the source code, and produce regular updates.