In OpenVPN 2.4+, both tls-auth and tls-crypt serve as additional security layers for the TLS handshake process, but they implement protection differently:
```
# tls-auth example (traditional approach)
tls-auth ta.key 1
# tls-crypt example (newer encryption)
tls-crypt tc.key
```
tls-auth provides HMAC authentication while tls-crypt adds full packet encryption:
- tls-auth: Verifies packet authenticity but doesn't encrypt metadata
- tls-crypt: Encrypts entire control channel including packet headers
Here's how to upgrade your config from tls-auth to tls-crypt:
```
# Generate tls-crypt key (requires OpenVPN 2.4+)
openvpn --genkey --secret tc.key
```
```
# Client configuration example
client
tls-client
dev tun
proto udp
remote vpn.example.com 1194
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
tls-crypt tc.key
cipher AES-256-GCM
ncp-ciphers AES-256-GCM
auth SHA512
```
While tls-crypt provides better security, it adds ~30 bytes overhead per packet. For most modern hardware, this impact is negligible:
```
# Benchmark command
openssl speed -evp aes-256-gcm
```
For existing deployments, consider this phased approach:
- Generate new tls-crypt keys
- Deploy to test clients
- Monitor performance for 48h
- Roll out to production
tls-crypt specifically protects against:
- Denial of Service (DoS) attacks
- Metadata analysis
- Pre-encryption traffic inspection
In OpenVPN 2.4+, both tls-auth and tls-crypt serve as additional security layers for TLS handshakes, but they operate at different protection levels:
```
# Traditional TLS-Auth implementation
tls-auth ta.key 0   # Server config
tls-auth ta.key 1   # Client config
```
TLS-Auth provides HMAC-based authentication of control packets:
- Uses static key (typically 2048-bit)
- Verifies packet authenticity but doesn't encrypt
- Prevents DoS attacks and unauthorized connections
```
# Example tls-auth handshake flow
1. Client → Server: [UNENCRYPTED] Control Frame + HMAC
2. Server verifies HMAC using shared ta.key
3. Only then proceeds with TLS handshake
```
Introduced in OpenVPN 2.4, TLS-Crypt adds encryption:
```
# Modern TLS-Crypt implementation
tls-crypt tc.key   # Same on client and server
```
Key advantages over TLS-Auth:
- Full encryption of control channel (not just authentication)
- Prevents passive observation of handshake metadata
- Uses same key file format but enables AES-256-CBC encryption
| Feature | TLS-Auth | TLS-Crypt |
|---|---|---|
| Encryption | No | Yes (AES-256-CBC) |
| Metadata Protection | Partial | Full |
| Pre-TLS MITM | Possible | Prevented |
| Key Compromise | Authentication only | Full handshake security |
Upgrading your existing config to TLS-Crypt:
```
# Generate new key (replace ta.key)
openvpn --genkey --secret tc.key
```
```
# Update client config
tls-crypt tc.key
cipher AES-256-CBC
auth SHA512
```
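As an added, self-contained check (not code from the original answers or from the OpenVPN project) that applies the upgrade advice in both config sections above: it parses a client config, reports whether tls-crypt-v2, tls-crypt or tls-auth protects the control channel, and flags a CBC data cipher. The sample configs and host name are constructed, and the comment handling is a simplification of OpenVPN's real parser.

```python
import re
# Control-channel directives the page discusses, strongest first.
CONTROL_DIRECTIVES = ("tls-crypt-v2", "tls-crypt", "tls-auth")

def parse_directives(text):
    """Return [(directive, args)]; '#'/';' comments dropped (simplified),
    inline <tag>...</tag> blocks recorded as (tag, ["inline"])."""
    found, inline = [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        if inline:  # skip the body of an inline key/cert block
            inline = None if line == f"</{inline}>" else inline
        elif (m := re.fullmatch(r"<([a-z0-9-]+)>", line)):
            inline = m.group(1)
            found.append((inline, ["inline"]))
        else:
            parts = line.split()
            found.append((parts[0], parts[1:]))
    return found

def audit_control_channel(text):
    """Which control-channel protection is in use, and what to change."""
    directives = parse_directives(text)
    names = {name for name, _ in directives}
    mode = next((d for d in CONTROL_DIRECTIVES if d in names), None)
    findings = []
    if mode is None:
        findings.append("no tls-auth/tls-crypt: control channel unprotected")
    elif mode == "tls-auth":
        findings.append("tls-auth only authenticates the handshake; move to tls-crypt")
    elif "tls-auth" in names:
        findings.append("tls-auth is redundant alongside tls-crypt; remove it")
    for name, args in directives:
        if name == "cipher" and args and args[0].upper().endswith("-CBC"):
            findings.append(f"cipher {args[0]} is CBC; prefer AES-256-GCM")
    return {"mode": mode, "findings": findings}

# Constructed sample configs (placeholder host, no real key material).
LEGACY_CLIENT = ("client\ndev tun\nproto udp\nremote vpn.example.com 1194\n"
                 "tls-auth ta.key 1\ncipher AES-256-CBC\nauth SHA512\n")
UPGRADED_CLIENT = ("client\ndev tun\nproto udp\nremote vpn.example.com 1194\n"
                   "<tls-crypt>\n-----BEGIN OpenVPN Static key V1-----\n(omitted)\n"
                   "-----END OpenVPN Static key V1-----\n</tls-crypt>\n"
                   "cipher AES-256-GCM\nauth SHA512\n")

if __name__ == "__main__":
    for label, cfg in (("legacy", LEGACY_CLIENT), ("upgraded", UPGRADED_CLIENT)):
        print(label, audit_control_channel(cfg))
```

Run it against a real client or server config file by reading the file into `audit_control_channel`; an empty findings list means the control channel is already on tls-crypt with a GCM cipher.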
For maximum protection with OpenVPN 2.4+:
- Always prefer tls-crypt over tls-auth when possible
- Rotate keys periodically (same frequency as TLS certs)
- Combine with strong cipher suites (AES-256-GCM preferred)
- Consider tls-crypt-v2 for per-client keys in newer versions
The key security benefit comes from TLS-Crypt's ability to encrypt the entire control channel before any TLS negotiation occurs, eliminating the window where metadata could be observed during initial handshake phases.