Using .ovpn to decrypt connections

[queen14 0]

If a capable attacker gained access to one of my .ovpn files, could they use any of that information to decrypt all of my future server connections?

[zhang888 1067]

No. https://en.wikipedia.org/wiki/Forward_secrecy

However, if a capable attacker got your .ovpn files (for example, from your machine), you have a bigger issue to worry about.

[queen14 0]

 

No. https://en.wikipedia.org/wiki/Forward_secrecy

However, if a capable attacker got your .ovpn files (for example, from your machine), you have a bigger issue to worry about.

 

 

Well, I was thinking more along the lines of an AirVPN account getting hacked. So if someone reset login credentials and generated new .ovpn files... I wondered if it was possible to mess with future connections.

 

But thanks for the Forward Secrecy link.

[greenclaydog 6]

If a capable attacker gained access to one of my .ovpn files, could they use any of that information to decrypt all of my future server connections?

 

The .ovpn being taken at worst means whoever has it can use it to use one of the connections on your account. The .ovpn only contains your key. Everytime you connect a new key is exchanged through Diffie-Hellman key exchange. The key in your .ovpn is only used to establish your session, and a new key is generated specifically for that session and expires in approx. 60 minutes through Perfect Forward Secrecy.

 

If you suspect that your .ovpn has been stolen i would submit a ticket requesting them to be regenerated ASAP to prevent others from using your subscription.