cipher-selection – Page 6 – WindowsTechs.com

IPsec installed algorithms

Posted on June 10, 2019 by Dario Blair

What happens if a laptop and a server don’t have a encryption algorithm in common?

Does IPSec abort the connection or does it always have default algorithms?

Continue reading IPsec installed algorithms→

ServerHello selecting unavailable cipher suite

Posted on June 3, 2019 by Naveen

I am migrating a legacy Java application from OracleJDK to OpenJDK (Redhat distribution). This application makes a connection to the RabbitMQ server using the client certificate. The TLS connection (with 1.2 protocol) works f… Continue reading ServerHello selecting unavailable cipher suite→

How do I know which cipher suites can be disabled?

Posted on May 14, 2019 by Martijn

I have just performed a test on my personal webiste via SSLlabs.com and I’m apparently supporting some weaker ciphers. I’ve managed to improve several settings (like CAA), but I’m getting stuck at the ciphers.
I’ve been looki… Continue reading How do I know which cipher suites can be disabled?→

How to filter ciphers based on ssl certificate?

Posted on April 17, 2019 by harsh3547

I have many ssl certificates.
On one of the certificates I run the command openssl x509 -in cert.pem -text -noout
it shows:

Signature Algorithm: ecdsa-with-SHA256
Public Key Algorithm: id-ecPublicKey

Based on the info fro… Continue reading How to filter ciphers based on ssl certificate?→

I don’t know what cipher/cryptography this is need. But I desperately need to solve it

Posted on March 6, 2019 by user201189

E 4W4 QOSEPA NAPCJARAP, ZEJN VCRH JMCQRSPA QAANCKT CK RHPMSTH RHA IPEIFQ MB RHA QRMKA-AZTAZ VEGGQ MB RHA EPIHECI VHCRA VEPZ. EK CPMK – IHAQRAZ TERA, VPMSTHR VCRH E PAZZCQH-LPMVK IMERCKT QNPAEZCKT EIPMQQ RHA QMBR, QCGUAP MB RH… Continue reading I don’t know what cipher/cryptography this is need. But I desperately need to solve it→

OpenSSL Padding Oracle. Specific Ciphers on apache2 seems a little limited

Posted on February 28, 2019 by confused_unicorn

I’ve seen a lot of articles giving the official explanation on how to prevent OpenSSL Padding Oracles, Usually all of them state that its CBC cipher suites that leave you vulnerable.

The following list works for me, and get… Continue reading OpenSSL Padding Oracle. Specific Ciphers on apache2 seems a little limited→

What means that the same ciphersuite is both enabled and disabled in Java JSSE?

Posted on February 22, 2019 by Alameyo

I am looking into documentation for JSSE ciphersuites in Java.

https://docs.oracle.com/en/java/javase/11/security/oracle-providers.html#GUID-7093246A-31A3-4304-AC5F-5FB6400405E2

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 is … Continue reading What means that the same ciphersuite is both enabled and disabled in Java JSSE?→

How to disable obsolete/insecure TLS_RSA ciphers to harden Chrome? [on hold]

Posted on February 10, 2019 by Tyler

Multiple vulnerabilities have basically obsoleted TLS_RSA, CBC and QUIC implementations.

February 9, 2019:

“Seven researchers from all over the world found –yet again– another
way to break RSA PKCS#1 v1.5, the most c… Continue reading How to disable obsolete/insecure TLS_RSA ciphers to harden Chrome? [on hold]→

What are the best ciphers in terms of performance for SSH tunnel?

Posted on January 6, 2019 by Oleg

From a security standpoint, there are few good cipher options to use with SSH, such as ChaCha20, AES 128/256 GCM/CTR. As I understand (please correct me if I wrong), all of these offer pretty strong encryption.

However, what… Continue reading What are the best ciphers in terms of performance for SSH tunnel?→

Understanding Cipher suite prefixes

Posted on July 16, 2018 by KESHAV K

I have been lately reading cipher suites and how it works. I figured how it works in the web servers and there is a doubt regarding the prefixes used in the order.

How are RC4-SHA and RC4+SHA different?

Can anyone give a be… Continue reading Understanding Cipher suite prefixes→