cipher-selection – Page 10 – WindowsTechs.com

TLS Cipher Suites for MTA

Posted on March 3, 2017 by Martin Fischer

When configuring a mailgateways TLS Settings, should one stick to the same rules for Cipher Suites as in running a HTTPS Service (prefer EDCHE/DHE,disable SSLv3, not using stuff like RC4, etc.) or should one focus more on compatibility with other MTAs to prevent email getting sent unencrypted.

It seems to me it´s a tradeoff, with using only strong Cipher Suites on the one hand I´m improving the security of a majority of mails transfered because you can´t downgrade on weak Cipher Suites or SSLv3. But on the other hand I give up encryption for some mails because they get sent unencrypted (if the other MTA is extremly old and just supports RC4 for example).

Continue reading TLS Cipher Suites for MTA→

TLS Cipher Suites for MTA

Posted on March 3, 2017 by Martin Fischer

Continue reading TLS Cipher Suites for MTA→

TLSv2 with JDk8 Ciphersuites with MQ8?

Posted on February 12, 2017 by MQ Beginner

I want to know TLSv2 with JDk8 Ciphersuites and specs with MQ8?
I created a jks file on MQ8 with ‘runmqckm’ command on unix
is jks have any dependency on Ciphersuites and Spec on parameter ‘-sig_alg’

https://www.ibm.com/su… Continue reading TLSv2 with JDk8 Ciphersuites with MQ8?→

TLSv2 with JDk8 Ciphersuites with MQ8?

Posted on February 12, 2017 by MQ Beginner

https://www.ibm.com/su… Continue reading TLSv2 with JDk8 Ciphersuites with MQ8?→

Substitution Cipher vs. Permutation Cipher [migrated]

Posted on January 24, 2017 by Akshay Singh

What is the difference between Substitution Cipher and Permutation Cipher?

In a substitution cipher I have seen that there is a random choice of 26 alphabet characters for encryption and decryption and that it can’t be broke… Continue reading Substitution Cipher vs. Permutation Cipher [migrated]→

Disable specific cipher Suite in openjdk

Posted on January 11, 2017 by Mrk

I restricted my jvm (openjdk) to exclude some old ssl/tls algorithms.

I did that via editing $JAVA_HOME/jre/lib/security/java.security to

jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1, TLSv1.1, RC4, MD5withRSA, DH key… Continue reading Disable specific cipher Suite in openjdk→

Why are larger block sizes more desirable?

Posted on October 8, 2016 by ihoaxed

I’ve read three different exceperts from three different information security books, to summarize, this is what they say:

“Block size impacts security, complexity, and performance. A larger
block size is more desirable…. Continue reading Why are larger block sizes more desirable?→

Disable support for static key cipher suites

Posted on September 12, 2016 by kimo pryvt

I have a requirement to disable in the windows 7 computers of the company the support for static key cipher suites.

I have searched and found that this registry key, holds the allowed cipher suites, in a value called Functions.

HKLM\SOFT… Continue reading Disable support for static key cipher suites→

Link between Cipher suites and certificate key

Posted on August 9, 2016 by Secu Noob

I’m trying to understand the SSL/TLS protocol and I’m lost on a specific point.

What is the link between the public server key (eg. : “EC 256 bits” or ” RSA 2048 bits”) and the cipher suites ?

This post give an answer : SSL certificat… Continue reading Link between Cipher suites and certificate key→

How are anonymous cipher suites exploited

Posted on August 8, 2016 by Drifter104

I was testing a new proxy server today with SSL Labs and found that I had somehow included some anonymous cipher suites.

After resolving the problem I decided to find out what problems this could cause and how/why this was e… Continue reading How are anonymous cipher suites exploited→