333_half_evil 6 Posted ... Why doesn't Air use SHA2 or SHA3 instead of SHA1? isn't SHA3 more secure than the outdated SHA1? Quote Share this post Link to post
Staff 9972 Posted ... Hello! Old ca.crt certificates signed with SHA1 are no more used: the change occurred a lot of time ago, Furthermore, SHA512 is now the new default "setting" for your client certificate. You can handle your client certificate and key from your account "Client Area", please see here:https://airvpn.org/topic/26209-how-to-manage-client-certificatekey-pairs/ If you refer to OpenVPN channels, SHA1 has never been used (and not usable in OpenVPN). The authentication cipher is HMAC or, if you use an AED-ready cipher with latest OpenvPN versions (AES-256-GCM in our service), the authentication of the packets is performed by the AES cipher itself. Even if you use old OpenVPN versions which rely on HMAC SHA1 and/or do not support HMAC SHA384 and/or AES-GCM, you are perfectly safe (do not confuse HMAC SHA1 with SHA1). The math proof for this claim and additional information are reported here:https://airvpn.org/topic/21914-encryption-algorithm-solved/?do=findComment&comment=58238 Kind regards 1 333_half_evil reacted to this Quote Share this post Link to post
Not connected, Your IP: 3.145.109.244
Online: 26468 users - 343365 Mbit/s total BW