Get Windscribe
What kind of encryption does Windscribe use?
HELP

Windscribe's encryption varies based on the protocol selected, as well as the format of our app you are using:

OpenVPN
Our OpenVPN implementation uses the AES-256-GCM cipher with SHA512 auth and a 4096-bit RSA key. Perfect forward secrecy is also supported.

IKEv2
Our in-app IKEv2 implementation utilizes AES-256-GCM for encryption, SHA-256 for integrity checks. Desktop and Android apps use ECP384 for Diffie-Hellman key negotiation (DH group 20), and iOS uses ECP521 for Diffie-Hellman key negotiation (DH group 21).

WireGuard
WireGuard is an opinionated protocol that uses ChaCha20 for symmetric encryption, authenticated with Poly1305; Curve25519 for ECDH; BLAKE2s for hashing and keyed hashing; SipHash24 for hashtable keys; and HKDF for key derivation.

Browser Extensions
We use TLS 1.3, ECDHE_RSA with X25519 key exchange and the TLS_AES_256_GCM_SHA384 cipher.

COMMUNITY
Talk to Garry
Feeling completely lost? Contact Support.
r/Windscribe
Find solutions, discuss ideas and share your feelings on our subreddit.
Get in touch
Windscribe
Company
forground_icon© 2024 Windscribe Limited