Request: Default High Encrption

Post your questions about VPN Gate Academic Experiment Service here. Please answer questions if you can afford.
Post Reply
acampeau
Posts: 32
Joined: Mon Dec 01, 2014 2:09 am

Re: Request: Default High Encrption

Post by acampeau » Mon Dec 01, 2014 2:25 am

That job is up to the server admin to set uppon first configuration of the SoftEther server, but I agree, why not rise the default encryption algorithm?

BoredAus
Posts: 115
Joined: Sun Nov 23, 2014 3:29 am

Re: Request: Default High Encrption

Post by BoredAus » Wed Dec 17, 2014 7:36 am

There are really two factors to consider here:

1) Raising encryption level also demands more system resources, this may not be as apparent on volunteers with fairly slow uplink and/or does not have many clients to serve as VPNGate servers are mainly limited to windows machine, which usually boasts decent specifications. Though, you can picture an analogy with a gamer whom decides to also share his/her connection but then finds out that their SoftEther VPN is lagging their gaming experience when they have either set the encryption level too high.

2) Raising encryption level may produce more network overhead, this is particularly annoying especially when not all volunteer connections are fast, each increment of the level may potentially add more overheads which slows down the host connection which in turn affects both the host and the clients on that VPN.

From a more network security point of view, SoftEther VPN's setup is generally secure enough. Unless the host is compromised, transactions between the client and the host are encrypted which requires either the intruder and/or the nosy host to know the actual encryption in order to decipher the information that a normal client requests the host to do. At that, they definitely need to have the relevant skills as well as relevant software/hardware that is capable of doing so. Furthermore, it is not the endpoints that the connection are encrypted, it is usually the transaction in between. If you are looking a very secure VPN host, you should probably invest in one yourself rather than gambling your luck with trying to do internet banking on some volunteer's connection. That is, don't do sensitive stuff such as internet banking over public VPN connections if you are that paranoid.

Post Reply