OpenVPN functions similar to TLS or HTTPS, which is why it might be referred to as a TLS VPN. (HTTPS is the secure version of the basic internet protocol HTTP, used to protect site authenticity on the internet. Your browser has certificates pre-installed that allow it to verify the integrity of a website, as long as it uses HTTPS. You can verify that a site uses HTTPS properly by looking for the green lock in your browser’s address bar.)
Just like HTTPS, OpenVPN uses certificates to protect the user against man-in-the-middle attacks. With HTTPS there are centralized registrars called Certificate Authorities (CAs). They are cryptographically trusted by your operating system or browser, and they issue and sign certificates for websites. This works in HTTPS because there are common standards to issue and revoke certificates, as well as to attribute the domains they are issued for to a specific owner. OpenVPN clients require you to install the VPN’s certificate yourself, usually by simply saving it on your computer and instructing the OpenVPN client where the file is located.
ExpressVPN uses an RSA certificate identified by the hashing algorithm SHA-512, of the SHA-2 family. The RSA key belonging to the certificate is 4,096 bits long. On modern operating systems, ExpressVPN apps use, at minimum, AES-256 for encryption and SHA-256 for packet authentication.
HMAC stands for keyed-Hash Message Authentication Code. A Message Authentication Code is a protection against data being altered in transit by an attacker who has the ability to read the data in real-time. Out of many possibilities on how to reliably authenticate messages, TLS and OpenVPN use hashes (hence the H in HMAC).
To ensure the integrity and confidentiality of encrypted data even on low-powered hardware, ExpressVPN uses AES-256-GCM. AES is one of the most widely used symmetric encryption standards, based on the Rijndael cipher developed by Belgian cryptographers Joan Daemen and Vincent Rijmen in 1998. The 256 refers to the fixed size of each encrypted block, 256 bits. GCM (Galois/Counter Mode) allows your computer to encrypt multiple packages at once, ensuring that your connection never hangs even for a short moment.
Data-channel encryption protects against your information being visible to the parties that your data travels through. ExpressVPN uses a symmetric encryption scheme, in which the key is negotiated using the elliptic curve Diffie-Hellman key exchange. The ExpressVPN server and your VPN app use clever mathematics to negotiate and verify a secret key that is then used to encrypt the data for the entire session.
Perfect forward secrecy
Perfect forward secrecy means that even if a dedicated adversary were able to compromise your computer or the VPN server during one session, the attacker would not be able to decrypt any traffic from past sessions. That’s because ExpressVPN negotiates a new secret key every time you connect. Even if you remain connected to the VPN for an extended period of time, ExpressVPN automatically negotiates a new key every 60 minutes.
This 60-minute re-keying process guarantees your “forward secrecy,” so the most an adversary could obtain, if they managed to compromise your keys, would be up to 60 minutes of data. The rest is secret going forward.