Decentralized VPNs (dVPNs): What are they?

Decentralized VPNs (dVPNs) are more secure than traditional VPNs for a simple reason: they don't have central points of failure (and attack).

When we are online our privacy is constantly under threat. Both entities trying to violate people's privacy and those who try to protect it are always developing new ways to reach their goal. One of the most advanced ways to protect our online privacy is using decentralized technologies.

When they arrived on the market VPNS (Virtual Private Networks) seemed to be the best protection for users' privacy. What a VPN does, is encrypting and rerouting the users internet traffic and doing so they grant a certain degree of anonymity, privacy, and security online

However, given recent developments with data breaches and surveillance, the security architectures of these traditional VPNs cannot protect us enough. This is because they centralize our data.

What can a decentralized VPN do?

Think of a dVPN as first making a puzzle out of you and your data. It then distributes all the pieces to different people to carry. If the puzzle is a message, a dVPN makes it so that the full picture of it arrives securely without being viewed or intercepted on its journey. If it’s an activity intended to be covered up, then it can never be seen all at once or traced back to you. This is a revolutionary step in online privacy and security.

With dVPNs, we no longer need to put our trust in the hands of sole VPN companies to keep our data safe. Given the exploitation of our metadata and government pressure to turn over user data, this is something VPNs are increasingly unable to do. Thankfully, we can now leverage the power of decentralized networks and advanced encryption to stay anonymous online.

In this article you will understand how decentralized VPNs work, how they are different from traditional ones and why they are better for your privacy.

How is a decentralized VPN different from a VPN?

When we turn to a VPN, we expect our identity, data, and activities to be hidden and protected. However, VPNs often fail to absolutely guarantee our privacy because they centralize user data. dVPNs are novel in eliminating this security vulnerability. Check out this article if you want to explore all the differences between dVPNs and traditional VPNs.

Routing our data

Essentially, both traditional VPNs and dVPNs are encrypted networks through which user data is routed to conceal our identities and activities.

The difference is that decentralized VPNs have a very different architecture that provides a higher level of security and anonymity. Their decentralization of user data accomplishes this by routing all our online activity without any central control or logging. Let’s consider the difference.

A VPN functions like a proxy. When we do something online with a VPN, our traffic is encrypted and routed through the VPN’s own server(s). Among other things, this hides our unique IP address, replacing it with the IP address of the VPN. So if prying eyes try to see who is reading something online, for example, it will appear that the VPN is the reader, not you.

With a VPN, we give all the potential pieces of our puzzle to one trusted party so that they can safely relay it. This includes our IP addresses, metadata, what we’re doing online, etc. To a certain extent, this might effectively mask our identity in most day to day circumstances.

However, a dVPN protects us in a much more sophisticated way. It instead gives each piece of the puzzle to a different person to transmit. This not only hides our identity, but also prevents the whole picture from being seen by any one person or at any one point.

Centralized and decentralized VPN architectures

The differences between these choices has to do with the actual architectures upon which VPNs and dVPNs are constructed. A VPN relies on central servers owned and controlled by its service provider to function as a single proxy. This also means that it has a central point of control and failure which can be exploited by hackers or external surveillance.

Alternatively, a dVPN distributes user data across a decentralized network of multiple “nodes.” Rather than a single proxy, a dVPN’s nodes are multiple servers which are independently operated and unlinkable. With a dVPN, your online activities can finally be free of the risks posed by centralized coordination or logging.

VPNs and dVPNs both offer encrypted means for rerouting and masking our online activities. But their underlying architectures provide fundamentally different security protections. Even if a traditional VPN encrypts your data, it is still centrally routed. With a dVPN, your data is safer by never being legible from any one place.

With a dVPN, surveillance by third parties becomes exceedingly difficult and data breaches nearly impossible.

A closer look at how decentralized VPNs work

Decentralize

Decentralized VPNs use a network of independent nodes/servers. When you use a dVPN, your internet traffic is sent to these nodes before reaching the website you're trying to visit. This makes it (almost) impossible for other entities to spy on your internet activities. One important point is that the nodes are not property, nor operated by the decentralised VPN company and this makes. A traditional VPN instead relies on a set of servers that are in control of the VPN company, which means that if the company receives a cyber attack or leaks its data your data could be exposed too.

Imagine that your internet traffic traces are a puzzle and to spy on you, adversaries need to complete the puzzle. If you are using a decentralised VPN all the puzzle's pieces are kept in separate boxes that are kept in separate locations. If you are using a traditional VPN all the pieces are in the same box. Having the pieces all in one place makes it easier to put them together and get the full picture.

Targeting centralized servers is a key objective for hackers and surveillance. To counter this, the nodes of a dVPN are strategically dispersed across different geographical locations. Decentralizing user data in this way makes it more difficult for certain authorities and adversaries to track and exploit us.

The number of hops that a dVPN service can provide will naturally determine its level of protection. But multiple hops can also mean increased latency or slowness in transmission. For this reason it is important to carefully consider what a dVPN service can provide. For maximal security, users can sometimes choose up to five hops, which a service like NymVPN uniquely provides.

Encrypt

Building on VPN technology, encryption is key for dVPNs. dVPNs use public-key cryptography and digital signatures to verify users and data integrity. To ensure confidentiality, user data in a dVNP is encrypted using robust algorithms such as AES or RSA. This establishes trusted connections between network nodes, allowing only authorized parties to exchange data.

Don’t trust, stay anonymous

With a VPN, one company serves as the single relay, effectively centralizing all the pieces to the full picture of our activities. However encrypted our data may be, it all passes through their servers and can be potentially logged by them. In their hands, our data is protected only if these companies have secure enough infrastructures in place. It also requires our trust that they will fulfill their own user agreements on privacy.

Why choose a decentralized VPN over a no-logs policy?

Some will still wonder why it’s not enough to just trust a “no-logs” policy offered by a VPN? This boils down to a question of trust. Do we trust that the service provider will uphold their privacy commitment? Or can a decentralized structure remove this uncertainty altogether?

Through no-logs policies, VPNs attempt to gain the trust of users by pledging to ostensibly not track their online activities, session times, or connections. For this reason, many users choose VPNs with strict no-logs policies for anonymity and data privacy. But there are still important risks to consider here that dVPNs can avoid altogether.

While a no-logs policy promises privacy and data security, users must ultimately trust that the VPN provider will in fact follow through on what they promise to do in terms of your privacy. These practices might at any time be compromised, for instance, under governmental pressure or simply by data breaching or malicious attacks. These risks are possible for architectural reasons, so let’s return to the question of what to do with all our puzzle pieces.

By giving all the pieces of our information to someone we think we can trust, we might forget some risks. Most obviously, these individuals might not actually be trustworthy. They might be compelled, for instance, to give all the pieces to another party. Trustworthy individuals might also simply fail to safeguard our puzzle: they might lose pieces, or some might be stolen. Data breaches, metadata harvesting, and hacking are real risks we all face.

dVPNs give us a way to avoid all of these uncertainties. Imagine: no central points of access or vulnerability, and no individual point which could compromise the whole. With traditional VPNs we have to rely on trust, but why not rely on a decentralized infrastructure to do all the work? Without our data ever being located and legible in one spot, our overall privacy and security are better ensured.

Decentralized VPNs downsides

A higher privacy comes with a price, that's why often decentralized VPNs are slower than traditional VPNs. This is caused mainly by the fact that they network of nodes/servers is distributed and run by independent operators that volunteer themselves to mantein the network.

NymVPN is trying to solve this by giving a reward to operators who help manteining the network.

Choosing the best decentralized VPN

In the growing field of online privacy and security, many decentralized VPN platforms have appeared offering distinct features.

Here you can find some of the best decentralized VPns available:

• Orchid Protocol: this is a multi-hop decentralized VPN built using the blockchain technology.
• Mysterium Network: also this VPN is built on blockchain. Its decentralized network is one of the largest in the world.
• Sentinel: Sentinel software is open-source which makes it a more transparent option.
• NymVPN: NymVPN is a new kind of decentralized VPN based on a mixnet and tries to solve the issues of decentralized VPNs while keeping the promise of a enhanced privacy.