Key Lengths and Encryption Strength
It is possible for several different ciphers to be used in an SSL transaction. In fact, SSL uses a combination of symmetric and public key ciphers to do its job (see Chapter 12 for a discussion of encryption). The main encryption that is provided by the tunnel is done using symmetric key cryptography. Both the browser and server share a secret key that can be used to encrypt and decrypt the information. This secret key is exchanged securely using public key cryptography.
Symmetric key cryptography is the process by which two or moreparties share the same encryption key. It's like when you share the same house key with people in your family. Only one key locks and unlocks the front door, but each member of the family has a copy of it. SSL uses symmetric key cryptography for one reason: performance. Good performance is critical to a Web server that serves up pages to thousands of visitors. For the server to handle the extra load of encrypting and decrypting information, it needs to streamline the process. Symmetric key cryptography provides a server the most secure method of encryption, combined with moderate decreases in performance. This is as opposed to public key cryptography, which tends to have a higher performance cost. Public key cryptography requires more work on the server's part. It's inevitable that performance will suffer; after all, it takes time and processing power to make the calculations that encrypt and decrypt information.
SSL is offered to Web browsers in U.S. domestic and exportable versions. Because the U.S. has export laws associated with cryptography technology, SSL-enabled software that leaves the country is limited by certain restrictions. The restrictions basically lessen the strength of the encryption. The U.S. government might not want to provide the rest of the world with strong encryption algorithms and software, so it chooses to restrict the encryption strength in exported software.
Within the U.S., the strength of SSL ciphers that can be used has no restrictions. This means that the public keys and symmetric keys can be any key. Most commonly, the public keys are either 1024 or 2048 bits, and the symmetric keys are 128 bits.
Table 9.1 lists some of the encryption laws in the U.S. It shows that the U.S. government imposes limitations on public keys and secret keys used inside the U.S. and exported from the U.S.
| In the U.S. | Exporting from the U.S. |
|---|---|
| Public keys are not limited by law. | Public keys are limited to 512 bits. |
| Secret keys are not limited by law. | Secret keys are limited to 40 bits. |
In general, the strength of the encryption is comparable to the size of the keys used: The larger the key, the stronger the encryption. The U.S. government does not allow keys stronger than 40 bits to be exported for good reason. With the right equipment, it only takes a few hours for 40-bit keys to be cracked. It can take nearly forever to crack a 128-bit key, even with many powerful computers working together.
You might be wondering why a public key is exportable up to 512 bits. The reason is because public keys are generally not as strong as symmetric keys. In fact, a 384-bit public key is nearly equivalent in strength to a 40-bit symmetric key. Although a 512-bit key is extremely strong and nearly impossible to crack, the keys are not used to provide the main SSL encryption. The public keys are only used to set up encryption long enough for the symmetric keys to be securely exchanged. After the symmetric keys are exchanged, they are used to carry out encryption of the transactions during the SSL session.
Tip
 | Go to http://verisign.netscape.com/advisor to learn the encryption strength your Web browser is capable of providing. |