Support Center / Why Proton VPN does not offer a SOCKS5 proxy

Why Proton VPN does not offer a SOCKS5 proxy

Some VPN services offer SOCKS5 proxies. Proton VPN doesn’t, and we never will. In this article, we explain why.

What is a proxy?

A proxy is a server that sits between your device and the internet. This means your internet traffic passes through the proxy server and any website you connect to will only see that server’s IP address and physical location. 

VPN servers, like the ones run by Proton VPN, are a special kind of proxy server.

Learn more about how VPNs work

What is a SOCKS5 proxy?

SOCKS5 is the latest version of SOCKS, a simple proxy protocol originally specified in 1996.

It’s a useful protocol for forwarding all kinds of internet traffic, including File Transfer Protocol (FTP), POP3 and SMTP (used for sending and receiving emails), Internet Relay Chat (IRC), and BitTorrent.

Learn about the difference between a proxy and a VPN

Why Proton VPN does not support SOCKS 5 (and never will)

SOCKS5 does not encrypt your data, so anyone who can intercept your traffic (for example, using a man-in-the-middle attack) can access it. 

This is in sharp contrast to a VPN, where all your device’s internet traffic is routed to the VPN server through a secure encrypted VPN tunnel. Proton VPN’s VPN tunnel is secured using only the most proven and robust VPN protocols. 

For example, Proton VPN secures OpenVPN connections using AES-256, with RSA-4096 to ensure secure TLS key exchange, and HMAC SHA-384 hash authentication to verify the TLS certificates. Data transfer during a session is secured using AES-GCM, and our encryption suite includes a Diffie-Hellman key exchange (DHE) to provide forward secrecy.

WireGuard connections are secured using an amalgam of proven state-of-the-art cryptographic primitives, including the ChaCha20 symmetric key cipher, Poly1305 MAC authentication, a Curve25519 Diffie-Hellman key exchange, and more.

Learn more about our OpenVPN and WireGuard encryption 

SOCKS5 provides none of these security protections, making it fundamentally insecure. For this reason, Proton VPN does not offer SOCKS5 connections and never will. 

What about HTTPS?

HTTPS connections routed through a SOCKS5 proxy are still protected by HTTPS, but HTTPS does not provide the same level of protection as a VPN does. For example, while the actual content of the communication is encrypted, nothing else is. Information such as the Server Name Indication (SNI), destination address, and are left exposed by HTTPS. 

In addition to this, Certificate Authorities (CAs) can be (and have been) pressured by governments to issue HTTPS certificates to dubious websites or hacked by criminals to issue fake certificates.

Research also shows that in a highly targeted attack, it is possible to use HTTPS traffic analysis to uncover the individual web pages a target visits on HTTPS-secured websites. 

Learn more about HTTPS

Secure
your internet

Get Proton VPN
Get Proton VPN

For customer support inquiries, please submit the following form for the fastest response:
Support Form

For all other inquiries:
contact@protonvpn.com


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: OpenPGP.js v4.10.10
Comment: https://openpgpjs.org

xsBNBFiYeeIBCACpwuYcTsACyjQaqY3tOUonokamGZf3VDuLvcA9nQnu4vlB
n1RFFUJa5Pmf2yZ9EjJFSldTl5lreE3tFf53CcZ9wKa1R6aMnN/0VqURJho0
ZTqevQlCvuJ9kKHkDck3Em0/1WWnhDJgabp+fOa5HAHoAvcNy5gVPuexTT/N
wp6QcfB7w+qFhf73s0bcSn5RC+FAYlQxZVFhFtA7/7LthBVatDJrYLYP9XJd
zOZqz9AX0XZwKal25RcVeGHkNKgloo0bTgro4D88MR7saqXFHTRhy3+Wss7c
uqrh0uIkVmqtadoK/rAbqOyFXQ2DlvSMVrEMLUvwlZbC0taqcKDfNA+FABEB
AAHNLWNvbnRhY3RAcHJvdG9udnBuLmNvbSA8Y29udGFjdEBwcm90b252cG4u
Y29tPsLAfwQQAQgAKQUCWJh54wYLCQcIAwIJEN4dfnhhw11TBBUIAgoDFgIB
AhkBAhsDAh4BAAoJEN4dfnhhw11T6PwIAKgIHTUaEcCFQ5WfmwGpdhRgFe7H
gnHR8UOFPrRKnbCOQgTVPGwCFt8UVFhEgbmtroThU89DpxFSYUOD6nZ2k1X3
X4Q9OsItFUUuhPtLJrkz5ghtZLmsAH/edTRbVU1Ew1E8KbylLFI1J5yId7zR
GdnaTXv/E7P3po5X/b08TFAhXSyYYUbMeQuthbJajtpFygr53lm47cOWa4N8
udqLhmpheaQj04DuqYXOGC08JQn+XbHzhFl5Yvlt9Idk8+7c2UJ0qgWKQ5ZV
mquRAw5HDCQM5OqF1MoImDxOH+tK3PUlvFDsLZ1WPEOHK/EN12sPBx0x1R04
fcPTPdbMwgISGM3OwE0EWJh54gEIALqhrLUpvarPc0nkuHpyJC/MsrIDPLuV
qMc49tgjgDBsyIKJFEP9qCnkSOEixaFi+nTljUSpkHGR+PvEGecmcOdW6djN
QGxon/nwBT9d8HbtxJesaEIzwRAxmqQW9MqNq4UsfNQ0VvUYqV9wEbYfdDT/
jZfz9N0hjFELF1sg3UPcCRijhf162bp+rLQdO9vWVUbOdMQvsM/kyUJ6JMXR
xUtyKC05ddxii2SMr4XUW45ostPbxJybOF5oSZpEb1EIlrTLLPAe/498XlBW
hpRAPe+9ZfNs7drMvUEFnnOXahrXAuaaZpyaS/XBaloqSb1+v2AkUep3dbSF
PaRtbXRMS+kAEQEAAcLAaAQYAQgAEwUCWJh54wkQ3h1+eGHDXVMCGwwACgkQ
3h1+eGHDXVMZ4Qf4hu5N8/uYNDqJMFRIWSCpPGxmyIVXGARG4hgR8gwPZY9K
fReAUndX3uODBNIgZU7I3YntawU1DlP6GpP6yyR/8lfUMNCAXPDmd+zTFYIJ
UDHD8sw2GRrFVzFOKUpAapWFOI4XjSMP2UiK4HgrpUjAhe1wSaa7nEjtAuYT
zFx1QSuQD1iYcOF/FAm7EuhBIfWITjYAobGM6gonPbp3IPHM52rUbulllcdV
vCLs+blcyiVCGZlNcmlg3eibAJJL19TQLqT2DbQvQ/SyVBJGjoT+y4TTRtmZ
cebEjt2KJcc4x2lzPq3z2KJNyJTOTMB+aYD9Ma9IObDds+M/+5XDWi7f
=ueTT
-----END PGP PUBLIC KEY BLOCK-----

You can also Tweet to us:
@ProtonVPN