What encryption does FREEDOME use to secure the traffic?

Katriina_M

FREEDOME uses strong encryption to encrypt all the network traffic.

Below you can find the exact technical details of the encryption parameters used:

For Android, Windows and macOS/OpenVPN:

• Control channel: TLS, 2048 bit RSA keys with SHA-256 certificates, AES-256-GCM
• Data channel: AES-128-GCM

iOS / IPSEC:

• IKEv1: AES-256 + HMAC-SHA2-256, 2048 bit RSA keys with SHA-256 certificates
• IKEv1 data channel: AES-128 + HMAC-SHA1
• IKEv2: AES_GCM_16_256, 2048 bit RSA keys with SHA-256 certificates
• IKEv2 data channel: AES_GCM_16_256

Diffie-Hellman key exchange is used for Perfect Forward Secrecy (PFS).

Note: The known SHA1 collision resistance issues are not relevant when the hash function is used for HMAC-SHA1. Using the SHA1 hash function in the HMAC algorithm does not require collision resistance.

Related information

• Port configuration for FREEDOME on Android, Mac and Windows
• Port configuration for FREEDOME on iOS