Surfshark today released its brand-new Dausos VPN connection protocol, which the company says elevates three key elements for VPN users: 30% faster speeds than industry-standard protocols, enhanced security with a hybrid post-quantum encryption and dedicated, private server-side tunnels for each individual session.
This means that Dausos should give Surfshark users smoother connections, improved privacy and faster performance to benefit data-heavy activities, like streaming and gaming.
VPN protocols are essentially the rules that determine the encrypted connection between your device and the internet while on a VPN. Long gone are the days when OpenVPN dominated as the hotshot of the VPN protocol world. It’s still a fine protocol with airtight security that can be great when you need stable connections on any network or want to bypass firewalls, but it’s a lumbering hulk that wasn’t built for the speed or security requirements of today’s VPN users.
Modern times call for modern VPN protocols, and Surfshark is the latest of CNET’s top VPN picks to spin up its own proprietary next-generation VPN protocol. Dausos sounds poised to challenge WireGuard as the protocol of choice for Surfshark users who want speedy connections without compromising security.
One of the biggest innovations that Dausos brings to the table is its ability to deliver a dedicated tunnel for each individual user session, which Surfshark says can optimize performance by dynamically adapting to network conditions and device capabilities for each individual connection.
Isolating user’s data traffic is a key element here. “While the risk of cross-traffic exposure in modern VPNs is very low, our unique protocol design goes the extra mile to ensure a clean, private, and secure path for each user’s data,” Surfshark’s lead systems engineer Karolis Kaciulis said in a statement.
Surfshark representatives told me via email that this isolation happens on the server side, and every time a user connects to a server, the server creates a new network interface specific to that user and VPN session. The representative explained that each user gets their own server-side tunnel, so no network space logic or other resources are shared when a user connects via the Dausos protocol. This differs from the traditional method, where the server side has a single network interface that all users of a particular protocol share.
That’s all very technical, but it’s almost like creating a highway specifically for your internet connection, instead of having to share that highway with other users.
“The protocol’s unique design avoids unnecessary and redundant checking of data packets, which enhances connection performance and even further prevents the theoretical possibility of data packets interfering with each other,” Kaciulis said in the press release.
Surfshark also incorporates post-compromise security with its Dausos protocol, which the company says takes the concept of perfect forward secrecy to the next level. With PFS, every time a user connects to a VPN server, a fresh set of ephemeral encryption keys are generated. Every few minutes, a new set of keys is regenerated so that an attacker wouldn’t be able to decrypt a user’s past VPN session data from a single key compromise. However, the new encryption keys are generally derived from the old keys, which means that it could theoretically be possible for an attacker to derive future keys from a past compromised key.
But Surfshark told me via email that with Dausos’ post-compromise security, the new encryption keys are unique and entirely unrelated to any other key, which makes it virtually impossible to decrypt future keys from a past key compromise. Essentially, post-compromise security gives Surfshark users an added layer of privacy.
Dausos also incorporates post-quantum encryption, which can help protect against potential decryption threats from quantum computers in the future. Much like ExpressVPN, Surfshark’s hybrid post-quantum approach helps protect user data simultaneously from today’s threats as well as future threats.
“We introduced numerous steps, some of them never seen in any VPN protocol before, to maximize the security of our protocol,” Kaciulis said in a statement.
To help validate its claims, Surfshark commissioned German security firm Cure53 to run an independent audit of Dausos’ security. Cure53’s source code audit took place between February and March 2026 and focused on the connected architecture and cryptography of the Dausos protocol. The audit flagged eight findings within the Dausos protocol’s scope that Cure53 rated a medium severity or lower — most of which Cure53 says Surfshark immediately addressed.
“With no findings rated at Critical or High severity within the actual Dausos protocol itself, the audit results reflect a stable and resilient platform,” Cure53’s audit summary states. “The Surfshark team demonstrated a significant commitment to security by remediating the majority of the findings immediately following the testing phase.”
The Dausos protocol is currently only available on Surfshark’s MacOS VPN app. However, Surfshark told me via email that the team is actively working toward rolling out Dausos on other platforms “soon,” but cannot yet share a specific timeline.
For more information, check out the VPN settings to enable for optimal privacy, why VPN jurisdiction is critical for your privacy, how to speed up your VPN connection and why VPNs can’t make you completely anonymous online.
Stephan is the sports journalist for the Maple Grove Report.
