This is not a question that will stir the interest of every reader! …….but for those who have had their curiosity stirred, we would love to hear your thoughts! Read on and all will be revealed…..
We have received several requests to change our current OpenVPN cipher. We are currently using the default cipher provided with OpenVPN – Blowfish.
Our view has been that the developers of OpenVPN should have a deep knowledge and insight as to which cipher works best with their software. To the best of our knowledge, Blowfish has never been broken and there are several reports that support Blowfish as the faster cipher with OpenVPN.
However, in the spirit of maintaining our healthy dialogue with customers, we would welcome your opinion.
In particular, we have had requests to move from Blowfish to AES with 256bit key. If we were to change, this would be our preferred option also. We would argue that it could give a good balance of speed and arguably enhanced security.
Change wouldn't be extremely difficult to implement for TUVPN. We would do a slight tweak on each server configuration, reboot them and provide users with a new OpenVPN installer or directions to add a single line to their OpenVPN configuration. That would be it.
In any case, before committing to a particular course of action, we would really love to have your feedback about this subject. Please feel free !