Skip to main content

What is OpenVPN? A closer look at this popular VPN encryption protocol

(Image credit: Shutterstock)

Once in the realm of the tech elite, VPN software has increasingly been used by the tech masses. This trend has most recently been driven by ISPs selling browsing histories in the US – and therefore, in effect, the user’s privacy – to the highest bidder to facilitate targeted advertising.

With access to robust VPN platforms, users can more closely guard their online privacy, and access other benefits like a better level of security when using public Wi-Fi.

The main pillars of a VPN are security and privacy, and these services use an encrypted tunnel to transmit your data online, with many benefits therein as we’ve previously discussed. When configuring a VPN, there are several choices for encryption protocols which can be used, and among these, one of the more popular options is currently OpenVPN.

Roots of OpenVPN

The OpenVPN project was founded by James Yonan, and was initially released back in 2002. Yonan had a background in software development for the original IBM PC, as well as financial trading. He is still involved with the project, and serves as the CTO of OpenVPN.

One of the reasons OpenVPN is popular is the fact that it supports all the major operating systems, including the expected desktop platforms of Windows, macOS and Linux, as well as the mobile platforms of Android and iOS. It also supports the less common platforms of FreeBSD, QNX, Solaris, Maemo, Windows Mobile and ChromeOS.

The whole point of a VPN security protocol is to provide a high level of security, and OpenVPN excels at this. It includes 256-bit encryption (though the number of bits can be configured at any time by the server operator) via OpenSSL, a widely deployed software library to secure communications across networks. OpenSSL supports encryption in Static Key Mode via pre-shared keys (PSK), and also public key security via client and server certificates. OpenVPN features not only state of the art security, but it’s also highly adaptable via third-party software.

In fact, there are commercial OpenVPN providers that take the OpenVPN protocol, and turn it into a VPN client for their users. An example of this is OpenVPN's consumer VPN PrivateTunnel that comes directly from the folks at OpenVPN, including James Yonan, who is also a founder of PrivateTunnel (and its CTO).

At the other end of the spectrum, there are also other OpenVPN clients, such as SecurePoint SSL VPN Client, and OpenVPN MI GUI, both of which are available as free software, although only the former is open source.

VPN-illustrasjon

(Image credit: Getty Images)

TCP and UDP

When used for the transmission of data, OpenVPN can utilize two different protocols: TCP and UDP. The Transmission Control Protocol (TCP) is the more commonly used affair, and is designed for high reliability, as it includes error correction, and is known as a ‘stateful’ protocol. Each time a packet gets sent with TCP, the sender awaits confirmation before sending the next packet, but this transmission overhead slows the connection down.

This frequently translates into higher latencies, generally speaking, although this is variable and dependent on server and client locations.

An alternative protocol that OpenVPN can also employ is UDP, or User Datagram Protocol. Here the communication between the computer and server is much faster. The data is just sent without waiting for any confirmation, and no data gets retransmitted if it is not received, which is why this is known as a ‘stateless’ protocol.

With a lighter transmission overhead, latency is improved, and it makes sense that UDP gets used for more latency sensitive applications such as video streaming and online gaming.

(Image credit: Shutterstock.com / Askobol)

Open source

Unlike most other VPN encryption protocols, another strength of OpenVPN is that it is open source – free for anyone to check, modify or develop.

The entire source code for the latest version of OpenVPN (and older versions, too) is freely available for download on the OpenVPN site. Users are also encouraged to file bug reports so developers can continue to improve the source code, and produce regular updates.

None of this can guarantee OpenVPN will never have problems, but with more people checking out the code, it's likely any issues will be spotted quickly.

OpenVPN isn't the only quality open source VPN project around, though. WireGuard is another open source VPN protocol which aims to be simpler, more secure and much, much faster than anything else around. It looks to have a lot of promise, and with several VPN providers (including NordVPN) working on support, you'll soon be able to try it for yourself.