cryptostorm logo

The VPN service provider for the truly paranoid

This website is also available as a Tor hidden service at this .onion link
and the I2P eepsite at cs.i2p



secret   privacy

Bare metal servers

dedicated servers only

No logs

Our VPN servers never save data that can be used to identify a customer.

Chaining supported

Don't trust that we're not logging?
Use multihop to connect to another VPN (or Tor) before you connect to us.

Open source

no proprietary code

All server-side configs are public

Available for review here.

Security through transparency

(too many) details on how the network operates available on our blog and on our
privacy policy page.

Token-based network access

anonymous authentication

Hashed tokens

Access tokens are hashed before connecting. Compromised or confiscated servers can't be used to identify clients.

Decentralized organization

roots in Iceland, entities worldwide

Financials in several regions

No central office, anywhere.

lock   security

OpenVPN ECC

Ed25519, Ed448, and secp521r1 instances
  • 521-bit EC (~15360-bit RSA)
  • TLSv1.3 supported
  • AEAD authentication
  • 256-bit AES or ChaCha20-Poly1305
  • Resistant to quantum attacks

    OpenVPN RSA

    Our least secure option is stronger than most VPN providers' strongest option
  • 8192-bit RSA server certificate
  • 521-bit EC (~15360-bit RSA) CA
  • 8192-bit DH params
  • 256-bit AES or ChaCha20-Poly1305
  • Safe from padding oracle attacks

    WireGuard

  • ChaCha20 for symmetric encryption, authenticated with Poly1305, using RFC7539's AEAD construction
  • Curve25519 for ECDH
  • BLAKE2s for hashing and keyed hashing, described in RFC7693
  • SipHash24 for hashtable keys
  • HKDF for key derivation, as described in RFC5869
  • Customized systems

  • grsecurity linux-hardened kernels
  • Principle of least privilege practiced
  • Integrity verified
  • Disposable servers
  • users   benefits

    DeepDNS system

    protecting clients before they connect

    encrypted DNS servers

    Chain DNS traffic with Anonymized DNS

    DNSCrypt v2

    Public DNSCrypt servers for encrypting your DNS traffic before you connect

    Transparent .onion/.i2p access

    Direct access to darknets

    Anti-leak protection

    keeping your real IP safe

    DNS-based ad/tracker blocking

    Prevents malicious trackers from working

    Kill switch included

    Many different killswitches available to prevents leaks if disconnected

    Flexible connection options

    bypass restrictive firewalls

    SSH / HTTPS / obfs4 tunneling.

    Obfuscate your VPN traffic to look like SSH or HTTPS traffic, or with obfs4, like nothing

    Connect on any port

    UDP or TCP (1-29999)

    BitTorrent allowed

    Port forwarding supported

    Unlimited bandwidth

    unrestricted access

    No data caps, no throttling

    Redundant load balancing

    Minimizes downtime

    Many IPs to choose from

    Currently over 450 available IPs

    Now with IPv6 support

    globe   server locations

    cryptostorm.is/uptime for the detailed list

    gem   buy now
    The "devices" number below would be the maximum number of devices allowed to connect at the same time.
    If you need to connect more devices, buy more tokens, or buy ones that allow more devices, or setup your router to use cryptostorm.

    credit card ☇ PayPal

    friendly pricing, quick access

    recurring subscriptions USD

    single order USD (non-recurring)

    credit card ☇ CCBill

    supports most prepaid cards

    recurring subscriptions USD

    single order USD (non-recurring)

    Monero / XMR

    no 3rd parties, no email or JS required

    instructional video here

    crypto ☇ NOWPayments

    ~200 cryptocurrencies supported
    (no email or JS needed here either)

    crypto ☇ BitPay

    BTC, ETH, or any other cryptocurrency supported by BitPay

    cogs   connect to cryptostorm

    We use OpenVPN, so if they support your OS, then so do we. We also support WireGuard.




    SHA-512 hash calculator
    heart   social media
    github
    twitter
    keybase




    envelope      email
    support

    support

    fermi

    fermi

    df

    df







    sitemap|live chat|token verify