Private Internet Access (PIA) uses the open-source industry-standard OpenVPN protocol to provide a secure VPN tunnel. OpenVPN supports multiple encryption configuration options.
Users can select their preferred encryption level for VPN sessions. Default settings are configured for general use, and most users are advised to keep them unchanged. Advanced users may adjust these settings if needed.
Suggested Encryption Settings
Default Recommended Protection
- Data encryption: AES-128-GCM
- Data authentication: GCM
- Handshake encryption: RSA-4096
Maximum Protection
- Data encryption: AES-256-GCM
- Data authentication: GCM
- Handshake encryption: RSA-4096
Data Encryption:
Data encryption defines the symmetric cipher used to encrypt and decrypt traffic. A shared ephemeral key is exchanged during the handshake process and used for encryption.
All PIA OpenVPN connections use Advanced Encryption Standard (AES) encryption variants.
- AES-128-GCM: Provides faster performance with lower computational overhead.
- AES-256-GCM: Provides stronger encryption with increased computational cost.
Data Authentication:
Data authentication ensures the integrity of transmitted data and protects against active attacks.
GCM (Galois/Counter Mode):
- Designed for block ciphers with a 128-bit block size
- Provides high performance on modern hardware
Handshake Encryption:
Handshake encryption is used to establish a secure connection and verify that the user is communicating with a legitimate PIA server.
PIA uses TLS 1.3 for connection establishment. Certificates use SHA-512 for signing.
RSA-4096:
- 4096-bit ephemeral Diffie-Hellman (DH) key exchange
- 4096-bit RSA certificate for server verification, confirming that the key exchange really happened with a Private Internet Access server
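An OpenVPN client profile fragment that maps the settings above onto configuration directives, added here as an illustration; it is not PIA's own profile. The server hostname, port, CA file name and certificate name are placeholders, and OpenVPN 2.5 or newer is assumed.

```conf
# Constructed example client profile (not PIA's own configuration).
# Assumes OpenVPN 2.5 or newer; hostname, port, CA file name and
# certificate name below are placeholders.
client
dev tun
proto udp
remote vpn.example-placeholder 1194
nobind
persist-key
persist-tun
auth-user-pass

# Data encryption and data authentication: list the AEAD ciphers you are
# willing to use, in order of preference. "Maximum Protection" puts
# AES-256-GCM first; "Default Recommended Protection" would put
# AES-128-GCM first. GCM supplies the authentication tag, so no separate
# HMAC ("auth" directive) is applied to the data channel.
data-ciphers AES-256-GCM:AES-128-GCM
# Cipher used with a peer that does not negotiate (replaces "cipher" from 2.4)
data-ciphers-fallback AES-256-GCM

# Handshake encryption: require TLS 1.3 and an AEAD TLS 1.3 ciphersuite.
tls-version-min 1.3
tls-ciphersuites TLS_AES_256_GCM_SHA384

# Server verification against the RSA-4096 CA. remote-cert-tls rejects a
# peer whose certificate is not marked as a server certificate, and
# verify-x509-name pins the expected server name.
ca pia-ca-rsa4096.crt
remote-cert-tls server
verify-x509-name vpn.example-placeholder name

# The 4096-bit DH group is configured on the server ("dh" directive);
# the client only verifies the signed key exchange.
verb 3
```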
Warning about Elliptic Curves
The recent NSA revelations have raised concerns that certain or possibly all Elliptic Curves endorsed by US standards bodies may have backdoors allowing the NSA to break them more easily. There is no proof of this for the curves used with signing and key exchange†, and there are experts who think it unlikely. We therefore give users the option, but display a warning any time you select an Elliptic Curve setting. We also included the less standard curve secp256k1, which is the curve Bitcoin uses; it was generated by Certicom (a Canadian company) rather than NIST (as the other curves were), and seems to have fewer places to hide a backdoor.
† There is strong evidence that a random number generator that uses ECC was backdoored, but it was not widely used.
Glossary
Active Attacks
An active attack is one where an attacker gets "between" you and the VPN server, in a position where they can modify or inject data into your VPN session. OpenVPN was designed to be secure against active attackers as long as you are using both data encryption and data authentication.
Passive Attacks
A passive attack is one where an attacker simply records all data passing over the network but does not modify or inject any new data. An example of a passive attacker is an entity that performs the dragnet capture and storage of all network traffic but does not interfere with or modify it. As long as you are using data encryption, your OpenVPN session is secure against passive attackers.
Ephemeral Keys
Ephemeral keys are encryption keys that are generated randomly and only used for a certain amount of time, after which they are discarded and securely erased. An ephemeral key exchange is a process by which these keys are created and exchanged. Diffie-Hellman is an algorithm used to perform this exchange. The idea behind ephemeral keys is that once you are done using them and they are thrown away, no one will ever be able to decrypt the data that they were used to encrypt, even if they eventually got full access to all the encrypted data and to both the client and the server.