What encryption does SkyDomeVPN use?

The encryption algorithm depends on the VPN protocol you are using:

• NordLynx / WireGuard — ChaCha20 for encryption, Poly1305 for authentication. Fastest modern cipher.
• OpenVPN — AES-256-GCM. The industry gold standard, used by governments and banks.
• IKEv2 / IPsec — AES-256-CBC or AES-256-GCM. Fast and battle-tested on mobile devices.

Post-quantum encryption

SkyDomeVPN supports post-quantum key exchange on NordLynx connections. This means even if a quantum computer were used to record your traffic today, it could not decrypt it in the future — a property known as harvest-now, decrypt-later protection.

Perfect Forward Secrecy

Every VPN session uses a unique set of encryption keys. If one session's keys were ever compromised, all past and future sessions remain secure. This property is called Perfect Forward Secrecy.

Key exchange

Key exchange uses Elliptic Curve Diffie-Hellman (ECDH) on OpenVPN and Curve25519 on WireGuard/NordLynx. These are asymmetric key exchange algorithms that allow two parties to establish a shared secret over an untrusted network.