What is IKEv2?


2024-11-21. Last updated on January 12, 2024. Published on September 29, 2023.

IKEv2 is a VPN protocol used to secure VPN connections. Part of the IPSec protocol suite, it is sometimes (and strictly speaking, more correctly) referred to as IKEv2/IPSec.

A VPN protocol is a set of instructions or rules that determine how the connection between your device and the VPN server is made.


The protocol determines how secure and fast a connection is. OpenVPN and WireGuard are alternative VPN protocols that we now use exclusively on official Proton VPN apps (plus Stealth, which is based on WireGuard). However, you can still set up Proton VPN using IKEv2 on third-party VPN clients.


IKEv2 is the VPN protocol officially supported on all Apple devices (Mac computers, iPhones, and iPads), but the way that Apple implements VPN connections is badly flawed. 

What is IPSec?

Internet Protocol Security (IPSec) is a flexible protocol suite that provides a framework for securing VPN connections. Crucially, it:

  • Sets up the key exchange between your device and the VPN server.
  • Provides authentication to verify the source of data packets and ensure they haven’t been tampered with during transit.
  • Encrypts and decrypts data sent over the VPN connection.

As a framework rather than a complete solution itself, IPSec supports multiple protocols and encryption standards to perform these functions.

What is IKEv2?

IKEv2 is the second iteration of the Internet Key Exchange (IKE) protocol. Originally developed by Microsoft and Cisco as part of the IPSec suite, there are now many open-source versions of the protocol.

IKE is used to set up a security association (SA) for IPSec when connecting your device and the VPN server. That is, it’s responsible for negotiating a set of mutually agreed-upon keys and algorithms to be used by both parties.
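To make the negotiation concrete, here is an added example (not Proton VPN's code or any real IKE daemon's) of how a responder might choose among the proposals an initiator offers, loosely following RFC 7296, section 2.7. The ENCR, PRF and AUTH names follow the IANA IKEv2 registry; the Diffie-Hellman group labels, the local policy and the sample offers are constructed for illustration.

```python
# Simplified IKEv2 SA proposal selection: take the initiator's first proposal
# for which local policy accepts one transform of every required type.

AEAD = {"ENCR_AES_GCM_16", "ENCR_CHACHA20_POLY1305"}

# Assumed local policy: legacy algorithms (3DES, SHA-1, 1024-bit MODP) are absent.
POLICY = {
    "ENCR": {"ENCR_AES_GCM_16", "ENCR_CHACHA20_POLY1305", "ENCR_AES_CBC"},
    "PRF": {"PRF_HMAC_SHA2_256", "PRF_HMAC_SHA2_384"},
    "INTEG": {"AUTH_HMAC_SHA2_256_128"},
    "DH": {"MODP_2048", "ECP_256", "CURVE25519"},  # descriptive labels
}

def select_proposal(offers, policy=POLICY):
    """Return (proposal_number, chosen_transforms), or None for NO_PROPOSAL_CHOSEN."""
    for number, offer in enumerate(offers, start=1):
        chosen = {}
        for ttype in ("ENCR", "PRF", "INTEG", "DH"):
            if ttype == "INTEG" and chosen.get("ENCR") in AEAD:
                continue  # AEAD ciphers provide integrity themselves
            match = next((t for t in offer.get(ttype, []) if t in policy[ttype]), None)
            if match is None:
                break  # nothing acceptable for this type: reject the whole proposal
            chosen[ttype] = match
        else:
            return number, chosen
    return None

# Constructed sample: an initiator that lists its weakest proposal first.
LEGACY_FIRST = [
    {"ENCR": ["ENCR_3DES"], "PRF": ["PRF_HMAC_SHA1"],
     "INTEG": ["AUTH_HMAC_SHA1_96"], "DH": ["MODP_1024"]},
    {"ENCR": ["ENCR_AES_CBC"], "PRF": ["PRF_HMAC_SHA1", "PRF_HMAC_SHA2_256"],
     "INTEG": ["AUTH_HMAC_SHA2_256_128"], "DH": ["MODP_1024", "MODP_2048"]},
    {"ENCR": ["ENCR_AES_GCM_16"], "PRF": ["PRF_HMAC_SHA2_256"], "DH": ["CURVE25519"]},
]

if __name__ == "__main__":
    print(select_proposal(LEGACY_FIRST))      # proposal 2, weak transforms skipped
    print(select_proposal(LEGACY_FIRST[:1]))  # None: only legacy algorithms offered
```

Because the policy set never contains the legacy transforms, a peer that offers only those gets no SA at all rather than a silently weakened one.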

IKE is built on the Oakley protocol and Internet Security Association and Key Management Protocol (ISAKMP). It uses X.509 certificates for authentication and a Diffie-Hellman exchange (DHE) to secure the key exchange.

When IPSec is used with IKEv1, it’s often referred to simply as IPSec. IKEv2 was released in 2005 and improves on IKEv1 in several key ways, including using less bandwidth and being able to detect if a connection is still active. If it isn’t, IKEv2 can quickly re-establish a dropped connection.

Another improvement is its support for the Mobility and Multihoming (MOBIKE) protocol, which allows IKEv2 to switch networks easily. For example, when moving between hotspots or between home WiFi and a mobile connection.

IKEv2 is also more resistant to denial of service (DoS) attacks than IKEv1, is more efficient in terms of the number of cryptographic mechanisms it uses, and can easily traverse through NAT firewalls.

Is IKEv2/IPSec secure?

The consensus among cryptographic experts is that IKEv2/IPSec is a secure VPN protocol.

In 2013, John Gilmore, a technology specialist and founding member of the Electronic Frontier Foundation, published a white paper outlining how IPSec was deliberately weakened during its design phase. Additionally, revelations obtained by Edward Snowden about the US National Security Agency (NSA)’s Bullrun program cast further doubt on the security of IPSec.

However, IPSec has no known weaknesses when implemented with IKEv2 (Apple’s implementation of IKEv2 is problematic, but the problem lies with Apple, not IKEv2/IPSec itself).

Final thoughts — IKEv2 vs. OpenVPN and WireGuard

Although IKEv2 is considered secure, OpenVPN is considered even more secure and can be run over TCP for increased censorship resistance. WireGuard is considered to be as secure as OpenVPN, but is also much faster. Under Proton VPN’s implementation, it can also run over TCP.

So while there is nothing wrong with IKEv2, there is also little reason to use it over OpenVPN or (especially) WireGuard these days. 

IKEv2 continues to be widely supported because it’s the VPN protocol officially supported on Apple devices. But as we’ve already mentioned, Apple’s implementation of IKEv2 is best avoided.