How we made Tegant VPN even faster!

Many of our customers send us regular feedback about Tegant, which is extremely helpful to us and allows us to constantly improve the app. One thing we are often praised for is how fast Tegant is. This feedback has touched us and made us wonder if we could go even further and make Tegant connect even faster!

Faster VPN Photo by Taras Makarenko

At first, it seemed very challenging to seek out ways in which we could make Tegant even faster than it already is. We knew that every time a user taps on the connect button, we had to connect to the central server first to run some checks. Moreover, the central server isn’t always located in the same region as the VPN server itself. Hence, depending on the location of the user, this can slow down the process by a couple of seconds.

To speed up the process even further, we had to find out the whereabouts of a bottleneck and find ways in which to improve it. The performance tests pointed out the database to be the slowest part of the process. So, we laid out a plan for how to improve this.

Relocating the database closer to the central API

Whenever the user presses the start button, certain information and security exchanges have to take place. The VPN app calls the central API, which in turn connects to the database to store or fetch further details about the user. The farther the database is from the API, the more that latency will increase, which leads to a slower experience. Having the database locally, on the same server as the API, will speed up the API’s responsiveness significantly.

Increasing the server’s memory

The next step was to increase the server’s memory. With increased memory available to the server, more tasks can be executed at the same time, which leads to a boost to the system. We wanted to make a big difference, so we doubled the memory.

Spreading the traffic across the servers

Tegant VPN has another feature that makes it unique when compared to other VPNs out there. We have introduced a load balancing feature that spreads traffic evenly across the VPN servers. This method avoids those specific servers that are overused and thus slowed down, while others remain free of such heavy traffic.

When a user taps on the connect button, the central server checks which of the servers is the least busy, and returns the profile of that server to the user’s iPhone. The user’s iPhone is then instructed to connect to this particular given server. This method ensures that users are always connected to the least busy server and always experience the best VPN speed available.

Choosing a faster, and safer password encryption algorithm

Every time the user taps the start button, their credentials have to be verified by our central server before granting access. The password verification that we have used previously was a pure Python implementation of Sha-256. We simulated 10 password encryptions, which took 3.9 seconds to accomplish.

s = """\
from passlib.hash import sha256_crypt
h = sha256_crypt.hash("password")
t = timeit.timeit(stmt=s, number=10)

In comparison, we have utilised Argon2 encryption methodology instead. The same scenario took an impressive 1.7 seconds to accomplish. This is nearly 2.3 times faster, which means that the user has to wait a much shorter time for the connection to be verified and established.

import timeit
s = """\
from passlib.hash import argon2
h = argon2.hash("password")
t = timeit.timeit(stmt=s, number=10)

Argon2 uses a C-based library, which makes it faster than the pure Python implementation of Sha-256 we had before. Using Argon2 over Sha-256 for password encryption doesn’t mean that we have compromised security over speed. Argon2 is, in fact, the latest encryption methodology, which won the Password Hashing Competition in July 2015.

Get Tegant VPN now and try it out for free.