When looking at VPNs, one thing you'll notice is that many of them advertise the use of different VPN protocols, with the best VPNs even having their own custom-made protocols.
This is all well and good, but in all likelihood the average person doesn't know what a VPN protocol is. This also means that you might not understand the different benefits of various protocols, and which ones you should be using for enhanced security or super-fast speeds.
In this article we'll take you through what a VPN protocol actually is, how they work, and the differences between various protocols.
What is a VPN protocol?
VPN protocols are essentially what makes a VPN work. In a VPN, the protocol is a specific set of rules that dictate how data is sent between your device and your VPN provider’s server.
When you connect to a VPN server, the protocol you’ve picked tells the VPN app on your device exactly how to create a secure and encrypted connection, called a tunnel, between you and the VPN server you’ve chosen to connect to. This tunnel acts as a layer of protection between your online activities and all manner of potential cyber threats, hackers, and prying eyes.
The most secure VPNs also include other tools to help bolster your online security and privacy such as ad and malware blockers, identity theft protection, dark web scanning and more.
What are the different types of VPN protocol?
There are multiple different types of VPN protocol, with each protocol offering varying levels of speed and security. The most commonly used protocols by most, if not all VPN providers are OpenVPN, WireGuard, IPSec and IKEv2.
If you search through VPN providers' websites, you may also see references being made to protocols including L2TP, PPTP, and SSTP. However, these VPN protocols are older and more insecure. As a result of this, most reputable VPN providers don't offer these anymore as they simply don't have the same speeds or levels of protection as OpenVPN or WireGuard.
As well as these commonly used VPN protocols, there are also some protocols that are specific to a provider, such as NordVPN’s NordLynx or ExpressVPN’s Lightway. Both of these protocols are either built from or inspired by WireGuard, but each VPN provider has added their own enhancements.
What encryption do different VPN protocols use?
Another option to consider when choosing a VPN protocol is the encryption algorithm it uses.
The encryption algorithm used by a VPN protocol scrambles your data before it leaves your device, and then unscrambles it when it gets to the other end, making sure it is still readable.
There are multiple different types of encryption algorithms employed by VPN providers, each with their own benefits.
- AES-256. Heralded as the highest-security encryption algorithm due to its use of 256-bit key to scramble data, AES-256 is considered to be a virtually impenetrable encryption algorithm. As a result of this is currently used by the US military and government – and most consumer tools that encrypt your data, too.
- ChaCha20. Preferred by some thanks to its capabilities of higher speeds than OpenVPN, ChaCha20 is an efficient yet secure encryption algorithm. It uses the same 256-bit key to scramble and unscramble data, also known as a symmetric key.
Another aspect of VPN protocols is which network protocol they use. The two most common options are UDP and TCP:
- UDP. UDP stands for User Datagram Protocol, and it sends data over the internet. It is fast and efficient, but less reliable than other ways of sending data – for example TCP. This is due to the fact that it is connectionless, meaning it doesn't establish a prior connection between the two parties the data is being sent between. This makes is a lot faster, but increases the risk of data packet loss during the transfer.
- TCP. Transmission Control Protocol, or TCP, transfers data over the internet by sending data packets to a server. Unlike UDP, it establishes a connection between your device and the server before sending the data, meaning that it ensures all the data arrives at its destination. However, because of this, it is slower than UDP.
Many VPNs offer both UDP and TCP, allowing you to pick which VPN protocol and which network protocol you use.
However, some VPN protocols work better on a specific network protocol, e.g. OpenVPN works best on UDP but can be used on both TCP and UDP.
Which VPN protocol should you use?
All these different protocols vary in terms of speed, security, and compatibility and which one you should use is going to depend on exactly what you need a VPN for.
If your main concern is signing up to one of the fastest VPNs then one that offers WireGuard (or NordLynx/Lightway) is going to be your best bet. This is because this is a lightweight VPN protocol made up of a few thousand words of code. It's built for efficiency, meaning it is far faster than OpenVPN.
However, if security is of a higher concern to you than fast connection speeds, then the tried and tested OpenVPN protocol offers the best security. This open-source VPN protocol was created with privacy and security in mind, utilizing military-grade encryption algorithm AES-256 to ensure that your data is fully protected.
No matter which VPN protocol you end up going for, it's important to take the protocols on offer into account when you’re selecting which VPN provider you want to sign up with. While most of the best VPNs will offer WireGuard and OpenVPN, not every provider will offer every protocol, and especially not provider-specific ones like NordLynx or Lightway. So, if you have your heart set on a specific protocol, it's important to make sure your chosen VPN provider offers this.
Even better, pick a VPN provider who offers a choice of different protocols, so you can test them out and see which one suits your needs best.
