GoKawiilSurfshark on Monday released its brand-new Dausos VPN connection protocol, which the company says elevates three key elements for VPN users: 30% faster speeds than industry-standard protocols, enhanced security with a hybrid post-quantum encryption and dedicated, private server-side tunnels for each individual session.
This means that Dausos should give Surfshark users smoother connections, improved privacy and faster performance to benefit data-heavy activities, like streaming and gaming.
VPN protocols are essentially the rules that determine the encrypted connection between your device and the internet while on a VPN. Long gone are the days when OpenVPN dominated as the hotshot of the VPN protocol world. It's still a fine protocol with airtight security that can be great when you need stable connections on any network or want to bypass firewalls, but it's a lumbering hulk that wasn't built for the speed or security requirements of today's VPN users.
Modern times call for modern VPN protocols, and Surfshark is the latest of CNET's top VPN picks to spin up its own proprietary next-generation VPN protocol. Dausos sounds poised to challenge WireGuard as the protocol of choice for Surfshark users who want speedy connections without compromising security.
One of the biggest innovations that Dausos brings to the table is its ability to deliver a dedicated tunnel for each individual user session, which Surfshark says can optimize performance by dynamically adapting to network conditions and device capabilities for each individual connection.
Isolating user's data traffic is a key element here. "While the risk of cross-traffic exposure in modern VPNs is very low, our unique protocol design goes the extra mile to ensure a clean, private, and secure path for each user's data," Surfshark's lead systems engineer Karolis Kaciulis said in a statement.
Surfshark representatives told me via email that this isolation happens on the server side, and every time a user connects to a server, the server creates a new network interface specific to that user and VPN session. The representative explained that each user gets their own server-side tunnel, so no network space logic or other resources are shared when a user connects via the Dausos protocol. This differs from the traditional method, where the server side has a single network interface that all users of a particular protocol share.
That's all very technical, but it's almost like creating a highway specifically for your internet connection, instead of having to share that highway with other users.
"The protocol's unique design avoids unnecessary and redundant checking of data packets, which enhances connection performance and even further prevents the theoretical possibility of data packets interfering with each other," Kaciulis said in the press release.
Surfshark also incorporates post-compromise security with its Dausos protocol, which the company says takes the concept of perfect forward secrecy to the next level. With PFS, every time a user connects to a VPN server, a fresh set of ephemeral encryption keys are generated. Every few minutes, a new set of keys is regenerated so that an attacker wouldn't be able to decrypt a user's past VPN session data from a single key compromise. However, the new encryption keys are generally derived from the old keys, which means that it could theoretically be possible for an attacker to derive future keys from a past compromised key.
... continue reading