What kind of encryption does Windscribe use?
Winder SJun 28, 2022
Divider

Windscribe's encryption varies based on the protocol selected, as well as the format of our app you are using:

OpenVPN
Our OpenVPN implementation uses the AES-256-GCM cipher with SHA512 auth and a 4096-bit RSA key. Perfect forward secrecy is also supported.

IKEv2
Our in-app IKEv2 implementation utilizes AES-256-GCM for encryption, SHA-256 for integrity checks. Desktop and Android apps use ECP384 for Diffie-Hellman key negotiation (DH group 20), and iOS uses ECP521 for Diffie-Hellman key negotiation (DH group 21).

WireGuard
WireGuard is an opinionated protocol that uses ChaCha20 for symmetric encryption, authenticated with Poly1305; Curve25519 for ECDH; BLAKE2s for hashing and keyed hashing; SipHash24 for hashtable keys; and HKDF for key derivation.

Browser Extensions
We use TLS 1.3, ECDHE_RSA with X25519 key exchange and the TLS_AES_256_GCM_SHA384 cipher.