Roqos uses open-source OpenVPN software which is the most trusted VPN implementation available. Our OpenVPN configuration uses 2048 bit Diffie Hellman keys for initial handshake. This DH key is unique per Roqos Core device and created on the device itself. In addition, Roqos uses AES-256-CBC cipher to encrypt the VPN tunnel.
The Certificate Authority (CA) private/public key pair is also created in Roqos Core with an RSA algorithm at 2048 bits and is unique for each Roqos Core. Keys are created when the VPN server is enabled, and destroyed when it is disabled to provide an extra layer of protection. Because new keys are generated when VPN is re-enabled, VPN configuration files on Windows, Linux and MAC laptops need to be updated.