ExpressVPN launches post-quantum protection
After unveiling a feature-packed update only a week ago, TechRadar’s best VPN service decided to scale up its encryption as quantum computing’s threats loom.
ExpressVPN’s speedy and secure VPN protocol now includes post-quantum protections by default across its Android, iOS, Linux, Mac, and Windows apps. Users need to just update their applications to the latest version to enjoy the additional layer of encryption.
An early pioneer in the VPN industry, the provider seeks to play an active role in the transition to a quantum-safe world. “We are proud to be innovators who are helping to lead the charge for a quantum-safe future in the VPN industry,” Pete Membrey, Chief Engineering Officer at Express told me.
ExpressVPN’s post-quantum protections
As quantum computers get widely accessible, end-to-end encryption is at risk of becoming obsolete. That’s because quantum computing machines can process exponentially more complex processes in just a fraction of the time compared to classical computers, including breaking into today’s encrypted layers.
This may be a decade away still. Yet, “harvest now, decrypt later” attacks are already threatening people’s data. “We believe it is important to stay ahead of the clock and put in protections before quantum computing becomes an immediate threat,” said Membrey.
He and his team of engineers knew this already back in 2020 when they were designing the ExpressVPN Lightway protocol completely in-house. For those unfamiliar with this technology, a VPN protocol refers to the method of encryption used to protect your data.
Membrey’s team decided to keep standard transport layer security (TLS) and datagram TLS (DTLS) implementations, knowing that the DTLS 1.3 update would bring about the needed extension to support more advanced things like post-quantum keys. They then turn to the open-source WolfSSL cryptography library for its higher speeds which would come in handy when adding more complex features.
“When WolfSSL added support for DTLS 1.3, and also integration with the Open Quantum Safe library, it was relatively straightforward for us to upgrade,” Membrey told me, adding that the real work was instead ensuring all the features were secure and reliable.
“That ended up being hundreds of hours of testing and refinement, and a close collaboration with WolfSSL to perfect their implementation for our heavy use case. Once we were confident in our testing, rolling it out was as simple as deciding to enable the feature.”
Introducing our very own post-quantum protection VPN—making us one of the early pioneers in the industry. This enables us to keep you safe online in the face of quantum computing advancements and threats. Now the new default for all users of ExpressVPN. pic.twitter.com/UtBDmKONtoOctober 23, 2023
Express’ WireGuard-inspired protocol is now utilizing algorithms integrated from the Open Quantum Safe team’s liboqs (P256_KYBER_LEVEL1 for UDP and P521_KYBER_LEVEL5 for TCP). Kyber was actually chosen by the National Institute of Standards and Technology (NIST) as the candidate for general post-quantum encryption. Even better, being the protocol open-sourced, everyone can check the new code.
Post-quantum technology is still relatively new, less battle-tested, and unpredictable compared to classical cryptographic algorithms. That’s why the provider decided to blend both new and old encryption keys for now, letting them work together in a hybrid mode harmony.
Membrey said: “A hybrid approach means that users are safe from attacks by classical computers without relying on post-quantum algorithms, and they also have the best chance we know of today of being safe from attacks by quantum computers.”
He confirmed the intention of continuing to lean to the open-source community—ExpressVPN’s Lightway protocol, WolfSSL’s cryptographic libraries, and the liboqs project are all open-sourced, in fact—to keep evolving Express’ post-quantum solutions as the computing space progresses.
The post-quantum race
ExpressVPN might be one of the first VPNs to have implemented post-quantum cryptography, but it’s certainly not the only security software provider walking in the same direction.
Secure email services have already started raising their encryption wall, too. Hannover-based Tutanota announced its project to bring post-quantum cryptography to the cloud back in July, securing a grant and partnership with the University of Wuppertal.
This week, Proton (the firm behind homonymous VPN, email, and drive services) announced that it’s working on quantum-safe encryption algorithms in OpenPGP. The open standard of encryption, the company said it’s available for anyone to use via the free and open-source libraries which it maintains, such as OpenPGP.js and Gopenpgp.
About a month ago the popular messaging app, Signal, added quantum-level encryption to its security infrastructure with its latest update. PureVPN beat many to the punch by rolling quantum-resistant keys back in April 2022.
The race for post-quantum encryption has officially begun—and the time has never been so crucial. Every cryptographer is probably fighting against the clock to solve this quest by now. Yet, Membrey believes Express could have an advantage that many VPNs may not have.
“Lightway was designed specifically to allow us to make such modifications in a simple and standard way,” he says. “Other VPN protocols would need extensive changes to support post-quantum. There are options available, but they are effectively extensions to, or workarounds for the existing protocols. None offer the seamless support that Lightway can offer.”
stereoguide-referencehometheater-techradar