Ensure High Security over https

By | November 27, 2012


You may have heard about the cipher strength of an https connection. An https connection starts with an asymmetric (public-key) handshake; in the later stages it switches to symmetric encryption by negotiating a symmetric key and algorithm. Information passed over https is therefore encrypted with the symmetric key, not with asymmetric encryption. You may wonder: why symmetric?
The answer lies in the algorithms used by asymmetric encryption. Asymmetric encryption is far more complex than symmetric encryption and needs more resources (CPU, RAM, etc.). If asymmetric encryption were used to encrypt the data transferred over http, you would get slower responses.
The symmetric algorithm is the result of negotiation between client and server. The symmetric encryption allowed in that negotiation can be restricted in the server's configuration file. For example, in the Apache SSL configuration file, the following parameter lets you control it:
SSLCipherSuite HIGH:MEDIUM
In this case the client presents a list of cipher suites it is willing to use. This is where the server's SSLCipherSuite comes into play. The server selects its favorite from the list, but because of the above configuration only a HIGH or MEDIUM cipher can be selected; even if the client presents a weak cipher, it is not selected.

You may be curious how we know which algorithms fall into the HIGH or MEDIUM category. This is where the openssl ciphers command comes in.
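
As an added example (not part of the original post), the Python sketch below asks the OpenSSL library that Python is linked against to expand HIGH:MEDIUM, models the selection described above, and flags weak or unauthenticated suites. The client offers are constructed, server_select and audit are hypothetical helper names, and selection follows the client's order, which is what Apache does when SSLHonorCipherOrder is not enabled.

```python
import ssl


def expand(cipher_string):
    """Expand an OpenSSL cipher string (the SSLCipherSuite value) into suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    # TLS 1.3 suites are configured separately in OpenSSL, so they are
    # listed regardless of the cipher string.
    return ctx.get_ciphers()  # dicts with name, protocol, strength_bits, ...


def server_select(client_offer, allowed_names):
    """Return the first suite in the client's offer that the server allows.

    None means there is no overlap, so the handshake would fail instead of
    falling back to a weak cipher. (Hypothetical helper, assumed model.)
    """
    allowed = set(allowed_names)
    for name in client_offer:
        if name in allowed:
            return name
    return None


def audit(ciphers, min_bits=128):
    """Names of suites below min_bits, or with no authentication/encryption."""
    flagged = []
    for c in ciphers:
        desc = c.get("description", "")
        if c["strength_bits"] < min_bits or "Au=None" in desc or "Enc=None" in desc:
            flagged.append(c["name"])
    return flagged


if __name__ == "__main__":
    suites = expand("HIGH:MEDIUM")
    for c in suites:
        print(f'{c["name"]:35} {c["protocol"]:8} {c["strength_bits"]} bits')
    names = [c["name"] for c in suites]
    # Constructed client offers: only weak suites, then weak plus one allowed.
    print("weak-only client :", server_select(["NULL-SHA", "EXP-RC4-MD5"], names))
    print("mixed client     :", server_select(["EXP-RC4-MD5", names[0]], names))
    print("worth reviewing  :", audit(suites))
```

The OpenSSL linked into Python can differ from the one mod_ssl uses, so treat the listing as indicative for the Apache host.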
