Here at LimeVPN, we support a number of different security protocols to provide our VPN service. We encourage you to take a closer look and explore the strengths and weaknesses of each and every one of them. The security levels and purposes of these protocols are different, but so are the needs of our customers. We want you to be able to choose freely, but also advise you of what might suit you best.
Open VPN is open-source commercial software that implements virtual private network (VPN) techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls. It was written by James Yonan and is published under the GNU General Public License (GPL)
When used in a multi client-server configuration, it allows the server to release an authentication certificate for every client, using signatures and certificate authority. It uses the OpenSSL encryption library extensively, as well as the TLS protocol, and contains many security and control features.
OpenVPN has been ported and embedded in several systems. For example, DD-WRT has the OpenVPN server function. SoftEther VPN, a multi-protocol VPN server, also has an implementation of OpenVPN protocol.
2. IKEv2/IPsec – (Highly recommended)
IKEv2/IPsec significantly increases security and privacy of the user by employing very strong cryptographic algorithms and keys. LimeVPN uses NGE (Next Generation Encryption) in IKEv2/IPsec.
The ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie Hellmann keys. IPsec then secures the tunnel between the client and server using the strong AES256. This is the protocol, which provides the user with peace of mind security, stability, and speed. For these reasons, it is highly recommended by LimeVPN and has been adopted as a default in the LimeVPN apps for iOS and macOS.
Wireguard is the newest and fastest tunnelling protocol the entire VPN industry is talking about. It uses state-of-the-art cryptography that outshines the current leaders OpenVPN and IPSec/IKEv2.
Modern, extremely fast, and insanely lean in its architecture, WireGuard uses state-of-the-art cryptography and is backed by thorough academic research. With this combo, it outshines the current leading protocols – OpenVPN and IPSec. WireGuard consists of only 4000 lines of code, making it easy to deploy, audit, and find bugs. To compare: OpenVPN runs on 400,000 lines of code, meaning that WireGuard would make up only 1% of the massive OpenVPN’s architecture.