cryptostorm

The VPN service provider for the truly paranoid

Now with WireGuard support!

This website is also available as a Tor hidden service at stormgm7blbk7odd.onion
and a "v3" Tor hidden service at stormwayszuh4juycoy4kwoww5gvcu2c4tdtpkup667pdwe4qenzwayd.onion
and the I2P eepsite at cs.i2p



Privacy

Keep your online activities private




Security

Protect your internet traffic at public WiFi hotspots or from ISP/government surveillance

Benefits

More security features than any other VPN provider



PRIVACY

"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say." - Edward Snowden

Bare metal servers

dedicated servers only

No logs

Our VPN servers never save data that can be used to identify a customer.

Chaining supported

Don't trust that we're not logging?
Use multihop to connect to another VPN (or Tor) before you connect to us.

Open source

no proprietary code

All server-side configs are public

Available for review here.

Security through transparency

(too many) details on how the network operates available on our blog and on our
privacy policy page.

Token-based network access

anonymous authentication

Hashed tokens

Access tokens are hashed before connecting. Compromised/confiscated servers can't be used to identify clients.

Decentralized organization

roots in Iceland, entities worldwide

Financials in several regions

No central office, anywhere.

SECURITY

Someone wearing a tin-foil hat might say we're too paranoid

OpenVPN ECC

Ed25519, Ed448, and secp521r1 instances
  • 521-bit EC (~15360-bit RSA)
  • TLSv1.3 supported
  • AEAD authentication
  • 256-bit AES or ChaCha20-Poly1305
    • Resistant to quantum attacks

    OpenVPN RSA

    Our least secure option is stronger than most VPN provider's strongest option

  • 8192-bit RSA server certificate
  • 521-bit EC (~15360-bit RSA) CA
  • 8192-bit DH params
  • 256-bit AES or ChaCha20-Poly1305
    • Safe from padding oracle attacks

    WireGuard

  • ChaCha20 for symmetric encryption, authenticated with Poly1305, using RFC7539's AEAD construction
  • Curve25519 for ECDH
  • BLAKE2s for hashing and keyed hashing, described in RFC7693
  • SipHash24 for hashtable keys
  • HKDF for key derivation, as described in RFC5869

    • Customized systems

  • grsecurity linux-hardened kernels
  • Principle of least privilege practiced
  • Integrity verified
  • Disposable servers

    • BENEFITS

    Features you won't find anywhere else

    DeepDNS system

    protecting clients before they connect

    encrypted DNS servers

    Chain DNS traffic with Anonymized DNS

    DNSCrypt v2

    Public DNSCrypt servers for encrypting your DNS traffic before you connect

    Transparent .onion/.i2p access

    Direct access to darknets

    Anti-leak protection

    keeping your real IP safe

    DNS/WebRTC leak protection

    Stops IP leaks

    DNS-based ad/tracker blocking

    Prevents malicious trackers from working

    Kill switch included

    Many different killswitches available to prevents leaks if disconnected

    Flexible connection options

    bypass restrictive firewalls

    SSH/HTTPS tunneling

    Make your traffic look like SSH or HTTPS

    Connect on any port

    UDP or TCP (1-29999)

    BitTorrent allowed

    Port forwarding supported
    Safe from the Port Fail vulnerability

    Unlimited bandwidth

    unrestricted access

    No data caps, no throttling

    (except on our free service)

    Redundant load balancing

    Minimizes downtime

    Server locations

    cryptostorm.is/uptime

    BUY NOW

    Can't afford to buy now? Try out our free service: Cryptofree
    The "devices" number below would be the maximum number of devices allowed to connect at the same time.
    If you need to connect more devices, buy more tokens, or buy ones that allow more devices, or setup your router to use cryptostorm.

    credit card☇PayPal

    friendly pricing, quick access

    recurring subscriptions USD

    single order USD (non-recurring)

    credit card☇CCBill

    supports most prepaid cards
    single order USD (non-recurring)

    resellers

            

    Bitcoin☇BitPay

    pay with Bitcoin

    altcoins☇CoinPayments

    support for other popular coins
    over 100 cryptocurrencies supported

    CONNECT TO CRYPTOSTORM

    We use OpenVPN, so if they support your OS, then so do we. We now also support WireGuard.



    Be sure to also check out our blog


    SOCIAL MEDIA







    EMAIL


    infocryptostorm.is

    supportcryptostorm.is

    fermicryptostorm.is

    dfcryptostorm.is







    sitemap | irc chat | token verify