• 9
name

I developed an ASP.NET web application which handles sensitive data. I would really like to use 256 bit SSL encryption, but it seems that IIS only supports 128 bit.

Is it somehow possible to get 256bit encryption?
If not, why not and will it be possible in IIS 7.5 or 8.0?

Thanks for help

Don't switch from AES-128 to AES-256. An attack has been found on the latter, that reduces the complexity to an equivalent of 119 bits:

http://www.schneier.com/blog/archives/2009/07/new_attack_on_a.html

Nevertheless, both algorithms are insanely strong for today's standards. There are probably other attack scenarios that are much more likely than a fault on the crypto itself.

  • 0
Reply Report

Warm tip !!!

This article is reproduced from Stack Exchange / Stack Overflow, please click

Trending Tags