Skip to main content

What is OpenVPN? A closer look at this popular VPN encryption protocol

Once in the realm of the tech elite, VPN software has increasingly been used by the tech masses. This trend has most recently been driven by ISPs selling browsing histories in the US – and therefore, in effect, the user’s privacy – to the highest bidder to facilitate targeted advertising.

With access to robust VPN platforms, users can more closely guard their online privacy, and access other benefits like a better level of security when using public Wi-Fi.

The main pillars of a VPN are security and privacy, and these services use an encrypted tunnel to transmit your data online, with many benefits therein as we’ve previously discussed. When configuring a VPN, there are several choices for encryption protocols which can be used, and among these, one of the more popular options is currently OpenVPN.

Roots of OpenVPN

The OpenVPN project was founded by James Yonan, and was initially released back in 2002. Yonan had a background in software development for the original IBM PC, as well as financial trading. He is still involved with the project, and serves as the CTO of OpenVPN.

One of the reasons OpenVPN is popular is the fact that it supports all the major operating systems, including the expected desktop platforms of Windows, macOS and Linux, as well as the mobile platforms of Android and iOS. It also supports the less common platforms of FreeBSD, QNX, Solaris, Maemo, Windows Mobile and ChromeOS.

The whole point of a VPN security protocol is to provide a high level of security, and OpenVPN excels at this. It includes 256-bit encryption (though the number of bits can be configured at any time by the server operator) via OpenSSL, a widely deployed software library to secure communications across networks. OpenSSL supports encryption in Static Key Mode via pre-shared keys (PSK), and also public key security via client and server certificates. OpenVPN features not only state of the art security, but it’s also highly adaptable via third-party software.

In fact, there are commercial OpenVPN providers that take the OpenVPN protocol, and turn it into a VPN client for their users. An example of this is OpenVPN's consumer VPN PrivateTunnel that comes directly from the folks at OpenVPN, including James Yonan, who is also a founder of PrivateTunnel (and its CTO).

At the other end of the spectrum, there are also other OpenVPN clients, such as SecurePoint SSL VPN Client, and OpenVPN MI GUI, both of which are available as free software, although only the former is open source.

TCP and UDP

When used for the transmission of data, OpenVPN can utilize two different protocols: TCP and UDP. The Transmission Control Protocol (TCP) is the more commonly used affair, and is designed for high reliability, as it includes error correction, and is known as a ‘stateful’ protocol. Each time a packet gets sent with TCP, the sender awaits confirmation before sending the next packet, but this transmission overhead slows the connection down.

This frequently translates into higher latencies, generally speaking, although this is variable and dependent on server and client locations.

An alternative protocol that OpenVPN can also employ is UDP, or User Datagram Protocol. Here the communication between the computer and server is much faster. The data is just sent without waiting for any confirmation, and no data gets retransmitted if it is not received, which is why this is known as a ‘stateless’ protocol.

With a lighter transmission overhead, latency is improved, and it makes sense that UDP gets used for more latency sensitive applications such as video streaming and online gaming.

Bypass benefits

One common use for a VPN is to bypass a firewall, whether at an office or in a restrictive foreign country, with the most commonly cited example of the latter being China with its ‘Great Firewall’.

Unlike other VPN encryption protocols, another strength of OpenVPN is that it is open source. Other mainstream protocols are owned by major internet giants, including PPTP and SSTP which are from Microsoft, and L2TP which is from Cisco.

OpenVPN benefits from having open source code that is freely available for modification and development, and community support to facilitate this. The entire source code for the latest version of OpenVPN, 2.4.4 (as well as older versions), was released in September 2017 and is available for download. Users are also encouraged to file bug reports so developers can continue to improve the source code, and produce regular updates.