How Does a VPN Securely Encrypt Your Connection?


A VPN app on a smartphone.

In case you’re purchasing for a VPN, you’ll have seen how companies boast about having the very best encryption and the way vital it’s that you just safe your connection utilizing cryptography. However how do VPNs encrypt your connection, and are there various kinds of encryption to select from?

VPN Tunnels

To elucidate how VPNs encrypt your connection, we have to first take a look at so-called VPN tunnels. Usually, while you go to a website, you connect with a server operated by your web service supplier (ISP), which redirects you to the positioning you need to go to.

If you use a VPN, you’re rerouting your connection: as an alternative of going from the ISP’s server to the positioning, you first undergo a server operated by your VPN supplier. This provides you a brand new IP tackle, which turns out to be useful for numerous causes, however the VPN additionally performs one other neat trick: it encrypts the connection out of your ISP to the VPN server in what’s known as a tunnel.

A VPN tunnel is an encrypted connection that forestalls anyone else, together with your ISP and the positioning you’re visiting, from monitoring you. (The ISP received’t be capable to see the web sites you’re visiting, and the web sites you’re visiting received’t be capable to see your actual IP tackle.) “Tunnel” is definitely an incredible title for it as it really works kind of like it might in case you had been driving down a highway. Whereas within the open, anyone can see what you’re doing and the place you’re going, however when you enter a tunnel, your whereabouts are anyone’s guess.

In fact, VPN tunnels aren’t made with bricks and mortar; as an alternative, they’re created by so-called VPN protocols, which we’ll take a look at subsequent.

VPN Protocols

To ascertain a VPN tunnel, you must use a VPN protocol, which is a bit of software program that determines how a VPN talks to different machines on the community. A protocol can do lots of various things, however most significantly, it comprises details about what encryption is used and the way visitors is routed by way of the server.

As such, VPN protocols are essential, as they’ll decide the pace and safety of your connection. There are lots of completely different VPN protocols to select from, however the very best allrounder is one known as OpenVPN. It usually presents respectable speeds whereas staying safe, which is in fact the principle purpose why many individuals get a VPN.

Apparently sufficient, VPN protocols usually offers you the choice of what sort of encryption might be utilized in your tunnel, which is what we’ll take a look at subsequent.


VPNs hold your connections safe by way of encryption, which is a technique to make messages unreadable by scrambling them to nonsense. To unscramble them, you want a key, a bit of code that serves because the “lock” for the scramble. This key, normally a mathematical system known as an algorithm, is also referred to as a cipher.

The way it works with VPNs is that your connection is encrypted while you connect with the web—the beginning of the tunnel, so to talk. As soon as it arrives on the different finish, on the VPN’s server, it will get decrypted and despatched alongside to the positioning you’re visiting. The result’s that the positioning sees the VPN’s server IP tackle, and your ISP sees a stream of scrambled info.

Varieties of Encryption

To make sure that info stays secure, you must use an excellent sort of encryption: not all are created equal. Consequently, many VPN suppliers will boast that they provide “military-grade” encryption, which is only a fancy approach of claiming that they use the identical encryption algorithm because the army.

Essentially the most generally used encryption is the superior encryption normal, or AES for brief, which is available in a number of variants. Every variant makes use of a unique variety of bits to encrypt its key—longer presents extra safety. Essentially the most safe is AES-256, which suggests it makes use of a key of 256 bits and would take your laptop computer till the warmth demise of the universe to crack; this text goes over a few of the math.

You possibly can additionally go for utilizing a lighter model like AES-128 which remains to be fairly safe; for most individuals, more often than not it received’t matter that a lot. AES isn’t the one normal, both; it’s simply probably the most acknowledged. You possibly can additionally use an algorithm known as Blowfish; both approach, your connection is safe.

Defending the Key

Nicely, it’s safe apart from one difficulty: the important thing itself additionally must be protected. To take action, it’s normally secured utilizing TLS, or transport layer safety. This know-how is widespread throughout the web and utilized in every kind of know-how, from cloud storage to HTTPS, a protocol you’re utilizing proper now to learn this net web page.

With out TLS, an encrypted message would merely ask the server the place it’s arriving for the important thing to decrypt itself. In that system, it’s very straightforward for a 3rd celebration to sneak in and intercept the important thing supply, that means they might decrypt the message for themselves. TLS prevents this by forcing each message to be queried by a 3rd server which may give the go-ahead to decrypt the message.

We all know it’s all very concerned, however the upshot is that no intruder can crack the ciphers of a VPN tunnel. In case you’re utilizing a VPN they usually take safety critically, there’s virtually no approach through which your connection may be cracked from the skin.

Share post:



More like this