Table of Contents
Advertisement
Table K-1
Cipher Suites Supported by the SSL Protocol That Use the RSA Key-Exchange Algorithm
Strength Category and
Recommended Use
Strongest Cipher Suite
Permitted for deployments
within the United States only.
This cipher suite is appropriate
for banks and other institutions
that handle highly sensitive
data.
Netscape Console does not
support this cipher suite.
Strong Cipher Suites
Permitted for deployments
within the United States only.
These cipher suites support
encryption that is strong
enough for most business or
government needs.
Cipher Suites
Triple DES With 168-Bit Encryption and SHA-1 Message
Authentication
Triple DES is the strongest cipher supported by SSL, but it is not as fast
as RC4. Triple DES uses a key three times as long as the key for
standard DES. Because the key size is so large, there are more possible
keys than for any other cipher—approximately 3.7 * 10
This cipher suite is FIPS-compliant.
Both SSL 2.0 and SSL 3.0 support this cipher suite.
RC4 With 128-Bit Encryption and MD5 Message Authentication
Because the RC4 and RC2 ciphers have 128-bit encryption, they are the
second strongest next to Triple DES (Data Encryption Standard), with
168-bit encryption. RC4 and RC2 128-bit encryption permits
approximately 3.4 * 10
38
crack. RC4 ciphers are the fastest of the supported ciphers.
Both SSL 2.0 and SSL 3.0 support this cipher suite.
Netscape Console supports only the SSL 3.0 version of this cipher suite.
RC2 With 128-Bit Encryption and MD5 Message Authentication
Because the RC4 and RC2 ciphers have 128-bit encryption, they are the
second strongest next to Triple DES (Data Encryption Standard), with
168-bit encryption. RC4 and RC2 128-bit encryption permits
approximately 3.4 * 10
38
crack. RC2 ciphers are slower than RC4 ciphers.
This cipher suite is supported by SSL 2.0 but not by SSL 3.0.
Netscape Console does not support his cipher suite.
DES With 56-Bit Encryption and SHA-1 Message Authentication
DES is stronger than 40-bit encryption, but not as strong as 128-bit
encryption. DES 56-bit encryption permits approximately 7.2 * 10
possible keys.
This cipher suite is FIPS-compliant.
Both SSL 2.0 and SSL 3.0 support this cipher suite, except that SSL 2.0
uses MD5 rather than SHA-1 for message authentication.
Netscape Console does not support this cipher suite.
possible keys, making them very difficult to
possible keys, making them very difficult to
Appendix K
Ciphers Used with SSL
50
.
16
Introduction to SSL
833
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN