Recently, the question of using AES for SSL has come up in the newsgroups and at some conferences. When IE makes an HTTPS connection to a web server, it offers a list of cipher supported cipher suites. The server then selects the first one from the list that it can match. The default order that IE follows is this:
When you study the list, you'll see that IE presents the algorithms in decreasing order of strength, but places the shorter bit-lengths first. Why? If longer bit lengths are more secure, shouldn't they be listed first?
Remember, encryption is the thing that buys you time against Immutable Law #3. But performing encryption itself takes time. So when choosing an algorithm and a bit length, one important consideration is to ask yourself this question: "How long do I need for my secrets to remain secret?"
We configure IE to use shorter bit lengths -- but never shorter than 128 bits, except for the last two that use no encryption -- because it gives you better performance than the longer bit lengths. In almost all cases, a 128-bit key is more than sufficient to protect the information you're exchanging over HTTPS.
However, if you require something longer, and want to change the default, you can. Here's how.
- Open your group policy editor by entering gpedit.msc at a command prompt.
- Choose Computer Configuration | Administrative Templates | Network | SSL Configuration Settings.
- There's only one item here: SSL Cipher Suite Order. Open it.
- Select Enabled.
- Now here's where you need to tread carefully. You'll see that the list is the same as above, but rather than formatted nicely with carriage returns, they're simply separated with commas. The first item in the list is:
And the second item is:
Cursor your way through the list. Change that first 128 to 256. Then cursor forward a bit more and change the 256 to 128.
- Feel free to change other orders, too, but keep your changes within algorithm types.
- OK your way out, close the group policy editor, and reboot.
Most of you probably won't need to do this -- I haven't. But for those who have regulatory requirements for using 256-bit AES, follow these steps and you'll be compliant.