ExpressVPN is the first DTLS 1.3 powered VPN via wolfSSL

ExpressVPN has merged DTLS 1.3 support into their lightway-core library. This is the library that implements their modern Lightway VPN protocol. Lightway is a new protocol, built from the ground up with privacy, security, speed, and reliability in mind. Currently it depends on DTLS 1.2 and TLS 1.3, but with the addition of DTLS 1.3 it opens up a whole new set of possibilities, and Lightway will be able to push what is possible in every aspect. The pull request implements the new DTLS 1.3 APIs from wolfSSL.

wolfSSL is the first TLS library to adopt and implement DTLS 1.3. DTLS 1.3 has many improvements over DTLS 1.2 in the areas of security and reliability. One of the biggest and most important changes is the addition of acknowledgements to the protocol. In DTLS 1.2, when a peer detected a network failure (for example, a packet was dropped or a timeout was reached) it had no choice but to resend its entire previous flight. In DTLS 1.3, the peer can instead send a minimal acknowledgement packet that tells the sender exactly which messages of the flight are still missing. This drastically cuts down on how much data has to be transmitted and saves both peers from resending entire flights when only a part is missing.
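To make the retransmission difference concrete, here is an added example that is not code from the wolfSSL post, from wolfSSL, or from lightway-core: a simplified Python model of one server handshake flight under both behaviours. In DTLS 1.2 a timeout resends the whole flight; in DTLS 1.3 the peer sends an ACK message listing the record numbers it has received (RFC 9147, section 7; each RecordNumber is an 8-byte epoch plus an 8-byte sequence number behind a 2-byte vector length), and the sender resends only the records absent from that list. The message sizes, record numbering and loss patterns are constructed for illustration, the DTLS record header is not counted, and the model ignores retransmission timers.

```python
# Added example (not wolfSSL or lightway-core code): a simplified model of
# DTLS 1.2 whole-flight retransmission versus DTLS 1.3 ACK-driven selective
# retransmission. Sizes below are constructed values, not measurements.
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    seq: int   # DTLS record sequence number within the flight
    msg: str   # handshake message (or fragment) carried by the record
    size: int  # bytes on the wire (constructed)


# Constructed server flight: ServerHello .. Finished, with the Certificate
# split into two fragments because it exceeds the path MTU.
SERVER_FLIGHT = [
    Record(0, "ServerHello", 90),
    Record(1, "EncryptedExtensions", 40),
    Record(2, "Certificate[frag 1/2]", 600),
    Record(3, "Certificate[frag 2/2]", 600),
    Record(4, "CertificateVerify", 300),
    Record(5, "Finished", 50),
]


def flight_bytes(flight):
    return sum(r.size for r in flight)


def dtls12_retransmit_bytes(flight, lost):
    """DTLS 1.2: the receiver cannot say which record is missing, so after a
    timeout the sender resends every record of the flight."""
    return flight_bytes(flight) if lost else 0


def dtls13_ack(flight, lost):
    """DTLS 1.3 ACK body: the RecordNumbers the peer actually received.
    Returns (received record numbers, encoded ACK body size). RFC 9147
    encodes each RecordNumber as epoch (8 bytes) + sequence_number (8 bytes)
    inside a vector with a 2-byte length prefix; the record header that
    carries the ACK is not counted here."""
    received = [r.seq for r in flight if r.seq not in lost]
    return received, 2 + 16 * len(received)


def dtls13_retransmit_bytes(flight, acked):
    """DTLS 1.3: the sender resends only records absent from the peer's ACK.
    If nothing was received there is nothing to ACK, and the sender's own
    timeout resends everything, the same as DTLS 1.2."""
    acked = set(acked)
    return sum(r.size for r in flight if r.seq not in acked)


def compare(flight, lost):
    """Bytes each protocol version must resend for a set of lost record numbers."""
    total = flight_bytes(flight)
    if not lost:
        # A complete flight is acknowledged implicitly by the peer's next
        # flight, so no ACK and no retransmission are needed.
        return {"flight_bytes": total, "dtls12_resend": 0,
                "dtls13_ack_bytes": 0, "dtls13_resend": 0}
    acked, ack_size = dtls13_ack(flight, lost)
    return {
        "flight_bytes": total,
        "dtls12_resend": dtls12_retransmit_bytes(flight, lost),
        "dtls13_ack_bytes": ack_size,
        "dtls13_resend": dtls13_retransmit_bytes(flight, acked),
    }


if __name__ == "__main__":
    for lost in (set(), {2}, {2, 4}):
        print(sorted(lost), compare(SERVER_FLIGHT, lost))
```

With one lost Certificate fragment the DTLS 1.2 side resends all 1680 constructed bytes, while the DTLS 1.3 peer spends 82 bytes on an ACK and the sender resends only the missing 600-byte fragment. Real implementations also fragment and retransmit per handshake message boundary and run retransmission timers, which this model leaves out.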

Another advantage of DTLS 1.3 over DTLS 1.2 is that it is based on the TLS 1.3 protocol. TLS 1.3 is currently receiving many exciting new additions, and all of this work benefits DTLS 1.3 as well. Post-quantum cryptography (PQC) ciphersuites are actively being researched in TLS 1.3 and it is unlikely they will be backported to TLS 1.2. DTLS 1.3 benefits from this research, and wolfSSL can support arbitrarily large PQC keys in DTLS 1.3! One more example is Encrypted Client Hello (ECH), which makes the connection fully private by not leaking any sensitive information (like the Server Name Indication extension) in plaintext. For a full description, please take a look at our ECH feature announcement.

DTLS 1.3 also benefits from the reduced list of available ciphers that it inherits from TLS 1.3. Legacy and deprecated algorithms have been removed from the protocol and are no longer supported. All the remaining ciphers are AEAD ciphers, which provide increased security and performance.

For a full discussion of the differences between DTLS 1.2 and DTLS 1.3 please see our analysis blog. For any questions regarding DTLS 1.3 and wolfSSL please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now