Private Internet Access is happy to announce that an OpenVPN 2.4 audit is going to be completed by noted cryptographer Dr. Matthew Green, assistant professor at the Johns Hopkins Information Security Institute. Dr. Green has a long, distinguished history in the fields of applied cryptography and cryptographic engineering and has previously lead the Truecrypt audit.
Private Internet Access funds OpenVPN 2.4 audit
Private Internet Access has contracted Dr. Green as an independent consultant to do a comprehensive evaluation of the version of OpenVPN that is currently available on GitHub and search for security vulnerabilities. Once OpenVPN 2.4 is out of beta and released, the final version will be compared and evaluated to complete the security audit.
The OpenVPN 2.4 audit is important for the entire community because OpenVPN is available on almost every platform and is used in many applications from consumer products such as Private Internet Access VPN to business software such as Cisco AnyConnect. Instead of going for a crowdfunded approach, Private Internet Access has elected to fund the entirety of the OpenVPN 2.4 audit ourselves because of the integral nature of OpenVPN to both the privacy community as a whole and our own company.
Once the independent audit is completed, Private Internet Access will share the final report with OpenVPN prior to releasing the results to the public. Furthermore, we will work with OpenVPN to ensure that any discovered vulnerabilities are fixed before publishing.
We look forward to verifying the security of OpenVPN 2.4 and will keep the privacy community posted about developments in the OpenVPN 2.4 audit.