OpenSSL ciphers: Difference between revisions

Line 23:

|}

* DES is an old, very weak standard. It is not recommended to use DES unless you have a specific need to as all modern ciphers ~~way~~ surpass the security of DES, with modest compatibility. Disabled in most modern browsers.

== Infomation ==

* DES3 is DES run 3 times with a key whitener. It is slightly more secure than DES, but is still susceptible to attack. ~~It just takes longer~~ to ~~break. Treat the same as legacy DES~~.

* DES is an old, very weak standard. It was one of the original Export Ciphers that could easily be broken by the US Government. It is not recommended to use DES unless you have a specific need to as all modern ciphers surpass the security of DES, with modest compatibility. In this day and age, DES is easily broken in a modest amount of time. Disabled in most modern browsers.

* DES3 is DES run 3 times with a key whitener. It is slightly more secure than DES, but is still considered susceptible to attack. Used in Payment Card EV terminals but it is being recommended to phase out this cipher.

* Seed is an older, more obscure cipher that should only be used if you have a specific need.

* AES is currently the strongest security available, used by NSA for ~~upto~~ top secret ~~documents~~. Modern processors can accelerate encryption/decryption with program support (OpenSSL will use acceleration). ~~Using it at~~ 256 bit ~~will~~ provide ~~you with~~ the best security.

* AES is currently the strongest security available, used by NSA for up to top secret information. Modern processors can accelerate encryption/decryption with hardware and program support (OpenSSL will use acceleration). 256-bit keys provide the best security.

* Camellia was a runner up behind AES. It is ~~just as secure,~~ although a little more obscure than AES. ~~However~~, ~~most browsers that support AES support Camellia too. Recently~~ disabled in modern browsers.

* Camellia was a runner up behind AES. It is a strong cipher although a little more obscure than AES so expect less support. Although secure, it has recently been disabled in modern browsers.

@@ Line 23: / Line 23: @@
 |}
-* DES is an old, very weak standard. It is not recommended to use DES unless you have a specific need to as all modern ciphers way surpass the security of DES, with modest compatibility. Disabled in most modern browsers.
+== Infomation ==
-* DES3 is DES run 3 times with a key whitener. It is slightly more secure than DES, but is still susceptible to attack. It just takes longer to break. Treat the same as legacy DES.
+* DES is an old, very weak standard. It was one of the original Export Ciphers that could easily be broken by the US Government. It is not recommended to use DES unless you have a specific need to as all modern ciphers surpass the security of DES, with modest compatibility. In this day and age, DES is easily broken in a modest amount of time. Disabled in most modern browsers.
+* DES3 is DES run 3 times with a key whitener. It is slightly more secure than DES, but is still considered susceptible to attack. Used in Payment Card EV terminals but it is being recommended to phase out this cipher.
 * Seed is an older, more obscure cipher that should only be used if you have a specific need.
-* AES is currently the strongest security available, used by NSA for upto top secret documents. Modern processors can accelerate encryption/decryption with program support (OpenSSL will use acceleration). Using it at 256 bit will provide you with the best security.
+* AES is currently the strongest security available, used by NSA for up to top secret information. Modern processors can accelerate encryption/decryption with hardware and program support (OpenSSL will use acceleration). 256-bit keys provide the best security.
-* Camellia was a runner up behind AES. It is just as secure, although a little more obscure than AES. However, most browsers that support AES support Camellia too. Recently disabled in modern browsers.
+* Camellia was a runner up behind AES. It is a strong cipher although a little more obscure than AES so expect less support. Although secure, it has recently been disabled in modern browsers.