Virtual private networks (VPNs) are a great way to keep your personal information private while browsing the web, even more so since many providers now offer VPNs that are optimized for streaming. However, as with all things tech, there are several different VPN protocols to choose between, and not all are created equal. In this blog post, we will discuss the various VPN protocols and which one(s) might be the best fit for your needs. We will also cover some general tips on how to choose the right VPN.
One of the most popular, if not the most popular, VPN protocols is point-to-point tunneling protocol (PPTP). PPTP was introduced back in 1997 and is the original VPN protocol developed by Microsoft. It is a very simple protocol and was designed to be used for dial-up connections or for offline use. PPTP is one of the least secure protocols around and is often considered by security experts to be one of the worst offenders when it comes to privacy and security issues. Another shortcoming of PPTP is that it doesn’t support any form of encryption, so all of your data is unencrypted and therefore very susceptible to eavesdropping.
Layer two tunneling protocol (L2TP) is the successor of PPTP and was designed to overcome a few of its shortcomings. L2TP was developed by the Internet Engineering Task Force (IETF) and was published as an RFC in 1998. L2TP is somewhat more sophisticated than its predecessor and offers numerous security and privacy enhancements. It uses IPsec for encryption and can also be configured to use a virtual private IP (VPN) to mask your true IP address. L2TP is one of the most popular and most preferred VPN protocols available today.
IPv4 is the most popular IP protocol version today and is the standard used for Ethernet connections, IPv4-hosted forums, and VPNs. IPv4 was developed by the Internet Engineering Task Force (IETF) back in 1983 and was later approved as an international standard by the IETF in 1985. IPv4 offers several advantages over previous versions of IP, namely:
- It is the most popular version today
- It is backward compatible, so existing IPv4-hosted applications will still operate correctly
- It can be automatically updated to maintain security
- and it uses less valuable IP addresses than previous versions of IP
However, IPv4 also has several shortcomings, namely:
- It is less secure than previous versions of IP
- It doesn’t support any form of encryption
- It can’t handle packet reordering, which may result in data loss
- It is limited to 4 billion addresses, which is less than the number of addresses allocated for previous versions of IP
- and it is impossible to have a 256-bit symmetric encryption key (due to security issues)
Layer four (L4) is the newest iteration of the Virtual Private Network protocol and was released as an Internet Draft in late 2016. A lot of different providers support L4, including:
- Buffered VPN
- and more
L4 is considered a “mature” protocol and was designed to provide greater security and privacy than its predecessor, L3.
Secure Sockets Layer (SSL)
Secure sockets layer (SSL) is one of the most popular security protocols used to secure communications between a website and its visitors. It was first released in 1994 and is considered one of the most reliable protocols when it comes to securing a connection. However, the popularity of SSL has caused it to become rather overloaded, and it is no longer recommended to use SSL for new security arrangements.
One great thing about SSL is that it is extremely simple to implement and use. It requires basically no special software to be installed, and it can easily be integrated into an existing website in a matter of minutes. Additionally, since it is a well-known and well-liked protocol, many different vendors have developed products to aid in the encryption and authentication of data. This includes everything from free SSL certificates to fully managed SSL VPNs.
TLS/DTLS, or TLS/Dirty TLS, is the successor of SSL and was released as an RFC in 2014. Like its predecessor, TLS/DTLS is also considered a secure protocol, but it was developed with the express purpose of improving on SSL’s reputation when it comes to security and privacy. The main difference between the two is that TLS/DTLS is highly optimized for speed, whereas SSL is highly optimized for security and privacy.
TLS/DTLS is a “hybrid” protocol, which means that it combines the speed advantages of UDP with the security and privacy advantages of TCP. It also offers a number of optimizations, including:
- UDP zero-copy
- Forward secrecy
- Better protection against eavesdropping
- and more
TLS/DTLS is currently supported by most major web browsers and VPN providers, including:
- and more
The only downside to TLS/DTLS is that it is slightly more complicated to set up and use than SSL. However, if your aim is to secure your communications while browsing the web, it is well worth the effort.
IPv6, or Internet Protocol Version 6, is the latest version of the Internet Protocol suite and it is designed to replace IPv4. IPv6 was originally developed as a military standard back in 1998 and was intended to make the Internet a more secure and reliable network. Unfortunately, IPv6 is still largely considered a “work in progress” by many vendors and service providers, which means that not all applications will support it. Additionally, IPv6 has several flaws and is considered, by many, to be worse than its predecessor when it comes to security and privacy issues.
However, like all good things, there are also some great things about IPv6. Some of its great features include:
- 128-bit encryption keys
- New privacy and security controls
- Simplified connectionless packet transmission
- Automatic identification of hosts
- and more
Unfortunately, IPv6 is also subject to the same shortcomings as its predecessor, IPv4. Namely, it is difficult to set up and maintain, it doesn’t provide any form of security, and it is limited to an address space of 4294967296 addresses. Additionally, IPv6 is rather complex and requires a good understanding of networking to properly use.
Encryption is the process of rendering information unintelligible to anyone who does not have the correct decryption keys. The most popular encryption protocol today is asymmetric encryption, which means that there is more than one key involved in the encryption process, and both keys are needed to decrypt the information. Asymmetric encryption was first released in 1991 and is considered one of the most critical components of a secure network.
There are several different asymmetric encryption algorithms, including RSA (Receiving Setup Authentication), DSA (and its sister, ECC, or Elliptic Curve Cryptography), and more. The most popular asymmetric implementation is RSA with a 4096-bit key size, which is considered to be extremely secure.
Additionally, it is critical to properly secure your communications. This includes both your local network (your home) and the network you are connected to (the Internet). One great way to secure your local network is to install a VPN on your computer or mobile device. Installing a VPN on your device will not only encrypt your traffic, it will also disguise your IP address, ensuring that your communications are private and untraceable. Additionally, make sure that your router is configured to not route any traffic through the VPN.