What encryption does FREEDOME use to secure the traffic?

This discussion has a more recent version.
Katriina_MKatriina_M Posts: 445 F-Secure Employee

FREEDOME uses strong encryption to encrypt all the network traffic.

Below you can find the exact technical details of the encryption parameters used:

For Android, Windows and macOS/OpenVPN:

  • Control channel: TLS, 2048 bit RSA keys with SHA-256 certificates, AES-256-GCM
  • Data channel: AES-128-GCM

iOS / IPSEC:

  • IKEv1: AES-256 + HMAC-SHA2-256, 2048 bit RSA keys with SHA-256 certificates
  • IKEv1 data channel: AES-128 + HMAC-SHA1
  • IKEv2: AES_GCM_16_256, 2048 bit RSA keys with SHA-256 certificates
  • IKEv2 data channel: AES_GCM_16_256

Diffie-Hellman key exchange is used for Perfect Forward Secrecy (PFS).

Note: The known SHA1 collision resistance issues are not relevant when the hash function is used for HMAC-SHA1. Using the SHA1 hash function in the HMAC algorithm does not require collision resistance.

Sign In or Register to comment.