When we created our VPN protocol Lightway, our top priorities were security, privacy, performance, and reliability. We also open-sourced Lightway’s core code and invited independent security experts from Cure53 to audit Lightway twice—in 2021 and 2022—to ensure trust and transparency.
Today, we are pleased to announce that we’ve upgraded Lightway from DTLS 1.2 to DTLS 1.3—bringing a host of further benefits to our users. This also makes ExpressVPN one of the very first commercial services of any kind in the world—certainly the first in the VPN industry—to implement DTLS 1.3.
DTLS 1.3 is the latest version of the Datagram Transport Layer Security protocol, designed to provide secure communication between devices over an untrusted network. This implementation marks a significant milestone in our continuous effort to provide the highest level of security and performance to our users.
Being the first to adopt this technology not only reinforces our commitment to innovation but also sets a new benchmark for the industry. By implementing this protocol, we are ensuring that our users benefit from the most advanced security measures available today.
In this blog post, we explore some of the advantages of this upgrade and how it contributes to a safer and speedier VPN experience.
1. Enhanced security
DTLS 1.3 incorporates stronger cryptographic algorithms and improved authentication mechanisms, ensuring that user data is encrypted and protected from potential threats. The upgraded protocol also enhances protections against eavesdropping, man-in-the-middle attacks, and data tampering. This means Lightway is even more secure than before.
DTLS 1.3 introduces native and lightweight support for rekeying a connection, ensuring that even if an attacker gains access to a session key, previously sent or received data remains encrypted, secure, and out of reach. Although Lightway already provides this level of protection with DTLS 1.2 by using secure renegotiation, rekeying is a simpler, more performant, and more secure upgrade. This enhancement instills further confidence in our commitment to data privacy.
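The rekeying described above can be sketched as a one-way ratchet over the traffic secret. This is an added example, not code from Lightway or wolfSSL: it follows the KeyUpdate derivation in RFC 8446 with the "dtls13" label prefix from RFC 9147, and it assumes a SHA-256 cipher suite, a constructed starting secret, and hypothetical function names.

```python
import hashlib
import hmac
import struct

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256 (assumed cipher suite hash)


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand as defined in RFC 5869."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label (RFC 8446) using the DTLS 1.3 prefix 'dtls13' (RFC 9147)."""
    full_label = b"dtls13" + label.encode("ascii")
    hkdf_label = (struct.pack("!H", length)
                  + bytes([len(full_label)]) + full_label
                  + bytes([len(context)]) + context)
    return hkdf_expand(secret, hkdf_label, length)


def next_traffic_secret(current: bytes) -> bytes:
    """KeyUpdate step: derive generation N+1 from generation N (one-way)."""
    return hkdf_expand_label(current, "traffic upd", b"", HASH_LEN)


def record_key(traffic_secret: bytes, key_len: int = 16) -> bytes:
    """Record protection key for one generation (16 bytes, e.g. AES-128-GCM)."""
    return hkdf_expand_label(traffic_secret, "key", b"", key_len)


def ratchet(initial_secret: bytes, updates: int) -> list:
    """Return the traffic secrets for generations 0..updates."""
    secrets = [initial_secret]
    for _ in range(updates):
        secrets.append(next_traffic_secret(secrets[-1]))
    return secrets


# Constructed sample secret; a real one comes out of the handshake key schedule.
SAMPLE_SECRET_0 = hashlib.sha256(b"constructed example traffic secret").digest()

if __name__ == "__main__":
    for generation, secret in enumerate(ratchet(SAMPLE_SECRET_0, 3)):
        print(generation, record_key(secret).hex())
```

The ratchet only runs forward: each secret is an HMAC output of the previous one, so once an endpoint discards generation N, a later key does not let anyone recompute it. A holder of generation N can still compute N+1 and onward.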
2. Reduced latency and improved performance
Lightway is built for the modern world, where VPN speed and performance are top priorities. DTLS 1.3 brings significant improvements to data transfer efficiency, resulting in faster download and upload speeds, and an overall more reliable online experience. Users can also expect reduced latency and improved throughput performance on Lightway with DTLS 1.3.
The reduced latency provides a more responsive and enjoyable experience for all users—especially those who are engaging in activities like online gaming, video conferencing, or financial trading, where fast response times are essential.
3. Smaller overhead
DTLS 1.3 streamlines the handshake process for negotiating a communication channel, resulting in smaller handshake messages and reduced overhead for each VPN connection. This leads to lower data consumption and reduced bandwidth usage, which is especially beneficial for users on limited data plans.
4. Future post-quantum support
DTLS 1.3 lays a strong foundation for post-quantum cryptographic protocol support in Lightway by introducing support for adding new cryptographic algorithms. While DTLS 1.3 itself does not directly implement post-quantum algorithms, it paves the way for their integration in the future. This ensures that Lightway is well-equipped to adopt and integrate post-quantum cryptographic solutions in the near future.
By prioritizing the groundwork for post-quantum support, we are future-proofing Lightway and ensuring that we can continue to protect users in an ever-changing security landscape.
Update your ExpressVPN apps today
Lightway is built using wolfSSL, a well-established, open-source cryptography library that has been extensively vetted by third parties, including against the FIPS 140-2 standard. To learn more about DTLS 1.3, visit wolfSSL’s website.
The upgrade to DTLS 1.3 in Lightway brings significant benefits to our users and anyone making use of Lightway—offering a safer, speedier, and more enjoyable Internet experience. You can try Lightway with DTLS 1.3 by updating to the latest versions of your ExpressVPN apps, starting from today. We look forward to sharing even more upgrades and improvements on Lightway soon.
Comments
I subscribe to Express VPN.
Is there an added cost to acquire Lightway?
No, it is one of the VPN protocols we offer (it’s the default one in most cases), with no added cost.
Second attempt to post this comment!
Good to see you’ve taken my advice about whimsical descriptions of product updates:
2023 October 12
Windows 12.60.0
In this update, we’ve added a whole suite of new advanced protection features!
These includes:
• Ad blocker: filter out most display ads and stop them from loading and appearing on your browser.
• Parental controls: have more control over you and your family’s digital well-being with our new adult-site blocker.
These new features will roll out gradually to all users.
2023 August 22
Windows 12.56.0
• We trimmed the hedges and pruned the begonias, and now all is right again in your Express VPN garden.
Having said that, it’s great to experience an excellent VPN outside of the communist paradise that is modern China.
This is good. But your VPN still doesn’t yet support an “always-on” kill switch on Windows. So at boot time, until the VPN app connects, the network traffic is exposed. And if your VPN app crashes, my understanding is that the kill switch stops working then too. You talk a lot in this article and others about protecting the user and their data. But there’s currently a big hole in the overall solution in the areas mentioned above.