The 'sweet32' vulnerability and why OVPN is not affected by it

author Kristian Bremberg, about Products & features, Online Privacy

A recently published white paper described a practical attack against 64-bit block ciphers. This attack might enable extraction of plain text data from encrypted communication, such as cookies that your browser uses to authenticate users.

64-bit block ciphers have been considered unsafe for a long time, but can provide performance improvements explaining why some VPN providers use it. We want to clarify that OVPN is not affected by this vulnerability anywhere within our infrastructure. Since we've chosen AES256-GCM the strongest possible encryption we remain safe. OVPN have always prioritized security above anything else since older technologies often prove to be more vulnerable than newer ones.

Our customers are thus not affected and do not need to take any action to protect themselves. However, it might be a good idea to update your operating system if you are still using Windows XP.

Kristian Bremberg