Search the Community
Showing results for tags 'ECDSA'.
Found 1 result
Hi, I am not sure if this has been discussed before or if this is the right forum to post it. Kindly correct if there's any issue. While connecting to AirVPN through openvpn client using .opvn configs, the control channel always shows TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 as the cipher suite in the logs throughout all the servers/countries. Since openvpn supports both: TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384; TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 of these ciphers suites, why aren't they the default encryption suites for the connection? ECDHE and ECDSA provide better security than DHE and RSA , respect ively. ECDSA clear ly has an advantage of providing similar security over much smaller key space than RSA , although ECC verifying takes a bit more time. Is the overhead time a concern to not switch to these cipher suites, or is there any other reason ? Please explain. Thank you.