Jump to content
Not connected, Your IP:


Popular Content

Showing content with the highest reputation on 09/29/22 in all areas

  1. 1 point
    Logs. Here's an example. 2022-09-29 21:56:00 Data Channel: using negotiated cipher 'AES-256-GCM' 2022-09-29 21:56:00 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2022-09-29 21:56:00 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Here, the traffic is encrypted using AES-256-GCM. This is negotiated, negotiation is default behavior, but one can explicitly set certain ciphers. They are found on the Specs page. If in doubt, OpenVPN always negotiates AES-256-GCM unless you're running a very old OpenVPN version, then it's CBC.
  2. 1 point
    Actually an interesting question. I've never seen a list of available instruction sets in Apple's Bionic chips. All I know is, they're ARM with a big/little CPU design (that is, part high-clocking CPUs for performance, part low-clocking CPUs for economy) and the newer devices have an ARMv8 CPU. I'd assume with the latter that AES is part of it, so the choice of AES makes sense. You could put this to the test yourself, I think. Connect with both OpenVPN and Wireguard, download something being connected to the same server and keep an eye on CPU usage. That's the idea, can't really help you further than that. I'd correct this to "AES is for devices with AES-supporting CPUs", which is PCs from ~2010 and embedded devices from ~2020. For instance, my phone is aarch64 supporting the AES set, too, so I prefer an AES cipher over ChaCha20. Since I very rarely use a VPN on my phone, I don't have extensive insight on which is better (and for what). But I tend to agree that ChaCha20 is better suited on older models, both security and performance-wise.
  3. 1 point
    Both OpenVPN and Wireguard don't reinvent the wheel here, they do use the ciphers coded somewhere else, which is exactly why OpenSSL is a dependency. So no, it's not limited to OpenVPN or Wireguard.
  • Create New...