{"id":5516,"date":"2019-05-02T13:30:12","date_gmt":"2019-05-02T17:30:12","guid":{"rendered":"https:\/\/www.thesslstore.com\/blog\/?p=5516"},"modified":"2025-10-16T15:49:55","modified_gmt":"2025-10-16T19:49:55","slug":"what-is-256-bit-encryption","status":"publish","type":"post","link":"https:\/\/www.thesslstore.com\/blog\/what-is-256-bit-encryption\/","title":{"rendered":"How strong is 256-bit Encryption?"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\" id=\"h-it-says-256-bit-encryption-strength-is-that-good\">\u201cIt says 256-bit encryption strength\u2026 is that good?\u201d<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Most people see the term 256-bit encryption bandied about all the time and \u2013 if we\u2019re being honest \u2013 have absolutely no idea what it means or how strong it is. Once you go beyond the surface-level, \u201cit scrambles data and makes it unreadable,\u201d encryption is an incredibly complicated subject. It\u2019s not a light read. Most of us don\u2019t keep a book about modular exponentiation on the end table beside our beds.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That&#8217;s why it\u2019s understandable that there would be some confusion when it comes to encryption strengths, what they mean, what\u2019s \u201cgood,\u201d etc. There\u2019s no shortage of questions about encryption \u2013 specifically 256-bit encryption. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Chief among them: How strong is 256-bit encryption?<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So, today we\u2019re going to talk about just that. We\u2019ll cover\nwhat a bit of security even is, we\u2019ll get into the most common form of 256-bit\nencryption and we\u2019ll talk about just what it would take to crack encryption at\nthat strength. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Let\u2019s hash it out.<span id=\"newline\"><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-a-quick-refresher-on-encryption-in-general\">A quick refresher on encryption, in general<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">When you encrypt something, you\u2019re taking the unencrypted\ndata, called plaintext, and performing an algorithmic function on it to create\na piece of encrypted ciphertext. The algorithm you\u2019re using is called the key. With\nthe exception of public keys in asymmetric encryption, the value of the\nencryption key needs to be kept a secret. The private key associated with that\npiece of ciphertext is the only practical means of decrypting it. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Now, that all sounds incredibly abstract, so let\u2019s use an example. And we\u2019ll leave Bob and Alice out of it, as they\u2019re busy explaining encryption in <a href=\"https:\/\/en.wikipedia.org\/wiki\/Alice_and_Bob\">literally every other example on the internet<\/a>. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Let\u2019s go with Jack and Diane, and let\u2019s say that Jack wants to send Diane a message that says, \u201cOh yeah, life goes on.\u201d <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Jack\u2019s going to take his message and he\u2019s going to use an algorithm\nor cipher \u2013 the encryption key \u2013 to scramble the message into ciphertext. Now\nhe\u2019ll pass it along to Diane, along with the key, which can be used to decrypt\nthe message so that it\u2019s readable again. <\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"303\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Primitive-Encryption-1024x303.png\" alt=\"\" class=\"wp-image-10578\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Primitive-Encryption-1024x303.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Primitive-Encryption-300x89.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Primitive-Encryption-768x227.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Primitive-Encryption.png 1251w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">As long as nobody else gets their hands on the key, the\nciphertext is worthless because it can\u2019t be read. <\/p>\n\n\n<span style=\"--tl-form-height-m:150.25px;--tl-form-height-t:121.4583px;--tl-form-height-d:121.4583px;\" class=\"tl-placeholder-f-type-shortcode_12753 tl-preload-form\"><span><\/span><\/span>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-how-does-modern-encryption-work\">How does modern encryption work?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Jack and Diane just demonstrated encryption at its most\nbasic form. And while the math used in primitive ciphers was fairly simple \u2013\nowing to the fact it had to be performed by a human \u2013 the advent of computers\nhas increased the complexity of the math that undergirds modern cryptosystems.\nBut the concepts are still largely the same. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A key, or specific algorithm, is used to encrypt the data,\nand only another party with knowledge of the associated private key can decrypt\nit. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In this example, rather than a written message that bleakly opines that life continues even after the joy is lost, Jack and Diane are &#8216;doing the best they can&#8217; on computers (still &#8216;holdin\u2019 on to 16&#8217; \u2013 sorry, these are John Mellencamp jokes that probably make no sense outside of the US). Now the encryption that\u2019s about to take place is digital.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"142\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Modern-Encryption-1024x142.png\" alt=\"256-bit encryption\" class=\"wp-image-10579\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Modern-Encryption-1024x142.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Modern-Encryption-300x42.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Modern-Encryption-768x107.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Modern-Encryption.png 1050w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Jack\u2019s computer will use its key, which is really <a href=\"https:\/\/www.thesslstore.com\/blog\/explaining-ssl-handshake\/\">an extremely complicated algorithm that has been derived from data shared by Jack and Diane&#8217;s devices<\/a>, to encrypt the plaintext. Diane uses her matching symmetric key to decrypt and read the data.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-but-what-s-actually-getting-encrypted-how-do-you-encrypt-data\">But what\u2019s actually getting encrypted? How do you encrypt \u201cdata?\u201d<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">In the original example there were actual letters on a physical piece of paper that were turned into something else. But how does a computer encrypt data? <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That goes back to the way that computers actually deal in data. Computers store information in binary form. 1\u2019s and 0\u2019s. Any data input into a computer is encoded so that it\u2019s readable by the machine. It\u2019s that encoded data, in its raw form, that gets encrypted. This is actually part of what goes into <a href=\"https:\/\/www.thesslstore.com\/blog\/how-to-convert-a-certificate-to-the-correct-format\/\">the different file types used by SSL\/TLS certificates<\/a>, it\u2019s partially contingent on what type of encoding scheme you\u2019re trying to encrypt.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Related<\/strong>: <em>Secure Your Website with a <a href=\"https:\/\/www.thesslstore.com\/comodo\/comodo-ssl-certificates.aspx\" target=\"_blank\" rel=\"noreferrer noopener\">Comodo SSL Certificate<\/a>.&nbsp;<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So Jack\u2019s computer encrypts the encoded data and transmits\nit to Diane\u2019s computer, which uses the associated private key to decrypt and read\nthe data. <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"238\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/bigstock-Binary-Code-Data-Encryption-L-294813880-300x238.png\" alt=\"\" class=\"wp-image-10580\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/bigstock-Binary-Code-Data-Encryption-L-294813880-300x238.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/bigstock-Binary-Code-Data-Encryption-L-294813880.png 431w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Again, as long as the private key stays, you know\u2026 private,\nthe encryption remains secure.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Modern encryption has <a href=\"https:\/\/www.thesslstore.com\/blog\/public-key-cryptography-key-exchange\/\">solved the biggest historical obstacle to encryption<\/a>: key exchange. Historically, the private key had to be physically passed off. Key security was literally a matter of physically storing the key in a safe place. Key compromise not only rendered the encryption moot, <a href=\"https:\/\/www.thesslstore.com\/blog\/the-babington-plot\/\">it could get you killed<\/a>. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the 1970s a trio of cryptographers, Ralph Merkle,\nWhitfield Diffie and Martin Hellman, began working on a way to securely share\nan encryption key on an unsecure network with an attacker watching. They succeeded\non a theoretical level, but were unable to come up with an asymmetric\nencryption function that was practical. They also had no mechanism for authenticating\n(but that\u2019s a totally different conversation). Merkle came up with the initial\nconcept, but his name is not associated with the key exchange protocol they\ninvented \u2013 despite the protests of its other two creators. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">About a year later Ron Rivest, Adi Shamir and Leonard Adleman created an eponymous key exchange method based on Diffie-Hellman key exchange (<a href=\"https:\/\/www.thesslstore.com\/blog\/bleichenbachers-cat-rsa-key-exchange\/\">RSA<\/a>), one that also included encryption\/decryption and authentication functions. This is relevant because it was the birth of a whole new iteration of encryption: asymmetric encryption. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">They also gave us the aforementioned Bob and Alice, which to me at least, makes it kind of a wash. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Anyway, understanding the difference between symmetric and asymmetric encryption is key to the rest of this discussion. <\/p>\n\n\n<span style=\"--tl-form-height-m:861.156px;--tl-form-height-t:899.625px;--tl-form-height-d:899.625px;\" class=\"tl-placeholder-f-type-shortcode_12653 tl-preload-form\"><span><\/span><\/span>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-asymmetric-encryption-vs-symmetric-encryption\">Asymmetric Encryption vs. Symmetric Encryption<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.thesslstore.com\/blog\/symmetric-encryption-101-definition-how-it-works-when-its-used\/\">Symmetric encryption<\/a> is sometimes called <a href=\"https:\/\/www.thesslstore.com\/blog\/difference-encryption-hashing-salting\/\">private key encryption<\/a>, because both parties must share a symmetric key that can be used to both encrypt and decrypt data. <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"150\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/symmetric.png\" alt=\"Symmetric encryption\" class=\"wp-image-10587\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/symmetric.png 700w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/symmetric-300x64.png 300w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Asymmetric encryption on the other hand is sometimes called public key encryption. A better way to think of asymmetric encryption might be to think of it like one-way encryption. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As opposed to both parties sharing a private key, there is a key pair. One party possess a public key that can encrypt, the other possesses a private key that can decrypt. <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"701\" height=\"151\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/Asymmetric.png\" alt=\"\" class=\"wp-image-10588\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/Asymmetric.png 701w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/Asymmetric-300x65.png 300w\" sizes=\"auto, (max-width: 701px) 100vw, 701px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Asymmetric encryption is used primarily as a mechanism for exchanging symmetric private keys. There\u2019s a reason for this, asymmetric encryption is historically a more expensive function owing to the size of its keys. So public key cryptography is used more as an external wall to help protect the parties as they facilitate a connection, while symmetric encryption is used within the actual connection itself.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-2048-bit-keys-vs-256-bit-keys\">2048-bit keys vs. 256-bit keys<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">In SSL\/TLS, asymmetric encryption serves one, extremely important function. It lets the client encrypt the data that will be used by both parties to <a href=\"https:\/\/www.thesslstore.com\/blog\/explaining-ssl-handshake\/\">derive the symmetric session keys they\u2019ll use to communicate<\/a>. You could never use asymmetric encryption to functionally communicate. While the public key can be used to <a href=\"https:\/\/www.thesslstore.com\/blog\/signature-verification-how-to-verify-a-digital-signature-online\/\">verify a digital signature<\/a>, it can\u2019t outright decrypt anything that the private key encrypts, hence we call asymmetric encryption \u201cone way.\u201d<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"120\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Binary-Key-300x120.png\" alt=\"\" class=\"wp-image-10585\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Binary-Key-300x120.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Binary-Key-768x306.png 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Binary-Key-1024x408.png 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/Binary-Key.png 1137w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">But the bigger issue is the key size makes the actual encryption and decryption functions expensive in terms of the CPU resources they gobble up. This is why many larger organizations and enterprises, when deploying SSL\/TLS at scale, <a href=\"https:\/\/www.thesslstore.com\/blog\/ssl-offloading-bridging-termination\/\">offload the handshakes<\/a>: to free up resources on their application servers. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Instead, we use symmetric encryption for the actual\ncommunication that occurs during an encrypted connection. Symmetric keys are\nsmaller and less expensive to compute with. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So, when you see someone reference a 2048-bit private key, they\u2019re most likely referring to an RSA private key. That\u2019s an asymmetric key. It needs to be sufficiently resistant to attacks because it carries out such a critical function. Also, because key exchange is the best attack vector for compromising a connection. It\u2019s much easier to steal the data used to create the symmetric session key and calculate it yourself than to have to crack the key by brute force after it\u2019s already in use. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That begs the question: \u201cHow strong IS 256-bit encryption?\u201d If it\u2019s less robust than a 2048-bit key, is it still sufficient? And we\u2019re going to answer that, but first we need to cover a little more ground for the sake of providing the right context.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"How secure is 256 bit security?\" width=\"960\" height=\"540\" src=\"https:\/\/www.youtube.com\/embed\/S9JGmA5_unY?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-exactly-is-a-bit-of-security\">What exactly is a \u201cbit\u201d of security?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">It\u2019s really important that we discuss bits of security and\ncomparing encryption strength between algorithms before we actually get into\nany practical discussion of how strong 256 bits of security actually is.\nBecause it\u2019s not a 1:1 comparison. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For instance, a 128-bit AES key, which is half the current recommended\nsize, is roughly equivalent to a 3072-bit RSA key in terms of the actual\nsecurity they provide.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">It\u2019s also important to understand the difference between\nsecurity claim and security level. <\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span class=\"color\" style=\"color:#29306C\"><strong>Security Claim<\/strong><\/span> \u2013 This is the security level that cryptographic primitive \u2013 the cipher or hash function in question \u2013 was initially designed to achieve.<\/li>\n\n\n\n<li><strong><span class=\"color\" style=\"color:#29306C\">Security Level<\/span><\/strong> \u2013 The <span class=\"color\" style=\"color:#F07725\">ACTUAL<\/span> strength that the cryptographic primitive achieves.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">This is typically expressed in bits. A bit is a basic unit of information. It\u2019s actually a portmanteau of \u201cbinary digit,\u201d which is both incredibly efficient and also not so efficient. Sure, it\u2019s easier to say bit. But I just spent an entire paragraph explaining that a bit is basically a 1 or a 0 in binary when the original term would\u2019ve accomplished that in two words. So, you decide if it\u2019s more efficient. Anyway, we\u2019re not going to spend much more time on binary than we already have, but <a href=\"https:\/\/www.thesslstore.com\/blog\/subnetting-and-masks\/\">Ross wrote a great article on it a few months ago that you should check out<\/a>. <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"202\" height=\"300\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/2-bit-key-202x300.png\" alt=\"2 to the 2nd power\" class=\"wp-image-10576\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/2-bit-key-202x300.png 202w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/2-bit-key.png 373w\" sizes=\"auto, (max-width: 202px) 100vw, 202px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Anyway, security level and security claim are typically expressed in bits. In this context, the bits of security, let\u2019s refer to that as (n) refers to the number operations an attacker would hypothetically need to perform to guess the value of the private key. The bigger the key, the harder it is to guess\/crack. Remember, this key is in 1s and 0s, so there are two potential values for each bit. The attacker would have to perform 2<em><sup>n<\/sup><\/em> operations to crack the key.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That may be a bit too abstract so here&#8217;s a quick example: Let\u2019s say there\u2019s a 2-bit key. That means it will have 2<sup>2 <\/sup>(4) values.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That would be trivially easy for a computer to crack, but\nwhen you start to get into larger key sizes it becomes prohibitively difficult for\na modern computer to correctly guess the value of a private key in any reasonable\namount of time. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But before we get to the math, let\u2019s double back to security\nclaim vs. security level<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-security-claim-vs-security-level\">Security Claim vs. Security Level<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Typically when you see encryption marketed, you\u2019re seeing the Security Claim being advertised. That\u2019s what the security level would be under optimal conditions. We\u2019re going to keep this specific to SSL\/TLS and PKI, but the percentage of time that the optimal conditions are present is far from 100%. <a href=\"https:\/\/www.thesslstore.com\/blog\/pki-certificate-management-mistakes\/\">Misconfigurations are commonplace<\/a>, as is <a href=\"https:\/\/www.thesslstore.com\/blog\/nearly-21-of-the-worlds-top-100000-websites-still-arent-using-https\/\">maintaining support for older versions of SSL\/TLS and outmoded cipher suites<\/a> for the sake of interoperability.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the context of SSL\/TLS, when a client arrives at a website a handshake takes place where the two parties determine a mutually agreed upon cipher suite to use. The encryption strength that you actually get is contingent upon the parameters decided on during the handshake, as well as the capabilities of the server and client themselves. <\/p>\n\n\n<div class=\"wp-block-advanced-gutenberg-blocks-post\">\n\t\t\t<a href=\"https:\/\/www.thesslstore.com\/blog\/explaining-ssl-handshake\/\" class=\"wp-block-advanced-gutenberg-blocks-post__image\" style=\"background-image: url('https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/TLS-Handshake-Feature-300x197.png')\">\n\t\t<\/a>\n\t\t<div class=\"wp-block-advanced-gutenberg-blocks-post__content\">\n\t\t<p class=\"wp-block-advanced-gutenberg-blocks-post__title\">\n\t\t\t<a href=\"https:\/\/www.thesslstore.com\/blog\/explaining-ssl-handshake\/\">Taking a Closer Look at the SSL\/TLS Handshake<\/a>\n\t\t<\/p>\n\t\t<p class=\"wp-block-advanced-gutenberg-blocks-post__metas\">\n\t\t\t<em>\n\t\t\t\t\t\t\t\t\t<span> In Everything Encryption <\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<span> By Patrick Nohe <\/span>\n\t\t\t\t\t\t\t<\/em>\n\t\t<\/p>\n\t\t<div class=\"wp-block-advanced-gutenberg-blocks-post__excerpt\">\n\t\t\t<p>\n\t\t\t\t<p>There&#8217;s a lot going on underneath the hood when you connect to a website via HTTPS. First and foremost, everyone needs to&#8230; shake hands?!<\/p>\n\t\t\t<\/p>\n\t\t<\/div>\n\t\t<p class=\"wp-block-advanced-gutenberg-blocks-product__actions\">\n\t\t\t<a href=\"https:\/\/www.thesslstore.com\/blog\/explaining-ssl-handshake\/\" class=\"wp-block-advanced-gutenberg-blocks-post__button\">\n\t\t\t\tRead more\t\t\t<\/a>\n\t\t<\/p>\n\t<\/div>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Sometimes 256-bit encryption only provides a security level of 128 bits. This is particularly common with hashing algorithms, which measure resistance to two different types of attacks:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><span class=\"color\" style=\"color:#53A446\">Collisions<\/span><\/strong> \u2013 Where two different pieces of data produce the same hash value it&#8217;s called a collision and it breaks the algorithm.<\/li>\n\n\n\n<li><strong><span class=\"color\" style=\"color:#53A446\">PreImage resistance <\/span><\/strong>\u2013 How resistant and algorithm is to an exploit where an attacker tries to find a message with a specific hash value.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">So, for instance, <a href=\"https:\/\/www.thesslstore.com\/blog\/difference-sha-1-sha-2-sha-256-hash-algorithms\/\">SHA-256<\/a> has collision resistance of 128 bits (n\/2) , but PreImage resistance of 256 bits. Obviously, <a href=\"https:\/\/www.thesslstore.com\/blog\/difference-encryption-hashing-salting\/\">hashing is different from encryption<\/a> but there are also plenty of similarities that make it worth mentioning. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-so-how-strong-is-256-bit-encryption\">So, how strong is 256-bit encryption?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Again, this varies based on the algorithm you\u2019re using, and it varies from asymmetric to symmetric encryption. As we said, these aren\u2019t 1:1 comparisons. In fact, asymmetric encryption security level isn\u2019t really as scientific as it might seem like it should be. Asymmetric encryption is based on mathematical problems that are easy to perform one way (encryption) but exceedingly difficult to reverse (decryption). Due to that, attacks against public key, asymmetric cryptosystems are typically much faster than the brute-force style searches for key space that plague private key, symmetric encryption schemes. So, when you\u2019re talking about the security level of public key cryptography, it\u2019s not a set figure, but a calculation of the implementation\u2019s computational hardness against the best, most currently well-known attack. <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"224\" height=\"300\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/04\/256-bit-encryption-224x300.png\" alt=\"\" class=\"wp-image-10329\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/04\/256-bit-encryption-224x300.png 224w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/04\/256-bit-encryption.png 443w\" sizes=\"auto, (max-width: 224px) 100vw, 224px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Symmetric encryption strength is a little easier to\ncalculate owing to the nature of the attacks they have to defend against. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So, let\u2019s look at AES or Advanced Encryption Standard, which is commonly used as a <a href=\"https:\/\/www.thesslstore.com\/blog\/cipher-suites-algorithms-security-settings\/\">bulk cipher with SSL\/TLS<\/a>. Bulk ciphers are the symmetric cryptosystems that actually handle securing the communication that occurs during an encrypted HTTPS connection. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">There are historically two flavors: block ciphers and stream ciphers. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Block ciphers break everything they encrypt down into key-sized blocks and encrypts them. Decrypting involves piecing the blocks back together. And if the message is too short or too long, which is the majority of the time, they have to be broken up and\/or padded with throwaway data to make them the appropriate length. <a href=\"https:\/\/www.thesslstore.com\/blog\/zombie-poodle-and-goldendoodle-two-new-exploits-found-for-tls-1-2\/\">Padding attacks are one of the most common threats to SSL\/TLS<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">TLS 1.3 did away with this style of bulk encryption for exactly that reason, now all ciphers must be set to stream mode. Stream ciphers encrypt data in pseudorandom streams of any length, they\u2019re considered easier to deploy and require fewer resources. TLS 1.3 has also done away with some insecure stream ciphers, like RC4, too. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So, long story short, there are really only two suggested bulk\nciphers nowadays, AES and ChaCha20. We\u2019re going to focus on AES right now\nbecause ChaCha20 is a different animal. <\/p>\n\n\n\n<div class=\"wp-block-columns has-2-columns is-layout-flex wp-container-core-columns-is-layout-8f761849 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p class=\"wp-block-paragraph\"> <strong><span style=\"color:#29306C\" class=\"color\">TLS 1.2 Recommended Ciphers <\/span><\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>TLS_ECDHE_ECDSA_WITH_<strong><span class=\"color\" style=\"color:#F07725\">AES_256_GCM<\/span><\/strong>_SHA384<\/li>\n\n\n\n<li>TLS_ECDHE_ECDSA_WITH_<strong><span class=\"color\" style=\"color:#F07725\">AES_128_GCM<\/span><\/strong>_SHA256 <\/li>\n\n\n\n<li>TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305<\/li>\n\n\n\n<li>TLS_ECDHE_RSA_WITH_<strong><span class=\"color\" style=\"color:#F07725\">AES_256_GCM<\/span><\/strong>_SHA384<\/li>\n\n\n\n<li>TLS_ECDHE_RSA_WITH_<strong><span class=\"color\" style=\"color:#F07725\">AES_128_GCM<\/span><\/strong>_SHA256 <\/li>\n\n\n\n<li>TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 <\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p class=\"wp-block-paragraph\"> <strong><span style=\"color:#29306C\" class=\"color\">TLS 1.3 Recommended Ciphers <\/span><\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>TLS_<span class=\"color\" style=\"color:#F07725\"><strong>AES_256_GCM<\/strong><\/span>_SHA384<\/li>\n\n\n\n<li>TLS_CHACHA20_POLY1305_SHA256<\/li>\n\n\n\n<li>TLS_<span class=\"color\" style=\"color:#F07725\"><strong>AES_128_GCM<\/strong><\/span>_SHA256<\/li>\n\n\n\n<li>TLS_<span class=\"color\" style=\"color:#F07725\"><strong>AES_128_CCM_8<\/strong><\/span>_SHA256<\/li>\n\n\n\n<li>TLS_<span class=\"color\" style=\"color:#F07725\"><strong>AES_128_CCM<\/strong><\/span>_SHA256 <\/li>\n<\/ul>\n<\/div>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">GCM stands for Galois Counter Mode, which allows AES \u2013 which is actually a block cipher \u2013 run in stream mode. CCM is similar, combing a counter mode with a message authentication functions.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As we covered, you can actually safely run AES in GCM or CCM with 128-bit keys and be fine. You\u2019re getting equivalent of 3072-bit RSA in terms of the security level. But we typically suggest going with 256-bit keys so that you maintain maximum computational hardness for the longest period of time. <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/256-bit-key-1-300x300.png\" alt=\"256-bit key, 2 to the 256th power\" class=\"wp-image-10594\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/256-bit-key-1-300x300.png 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/256-bit-key-1.png 468w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">So, let\u2019s look at those 256-bit keys. A 256-bit key can have\n2<sup>256 <\/sup>possible combinations. As we mentioned earlier, a two-bit key\nwould have four possible combinations (and be easily crackable by a two-bit\ncrook). We\u2019re dealing in exponentiation here though, so each time you raise the\nexponent, n, you increase the number of possible combinations wildly. 2<sup>256\n<\/sup>is 2 x 2, x 2, x 2\u2026 256 times. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As we\u2019ve covered, the best way to crack an encryption key is \u2018brute-forcing,&#8217; which is basically just trial &amp; error in simple terms. So, if the key length is 256-bit, there would be 2<sup>256<\/sup> possible combinations, and a hacker must try most of the 2<sup>256 <\/sup>possible combinations before arriving at the conclusion. It likely won\u2019t take all trying all of them to guess the key \u2013 typically it\u2019s about 50% &#8211; but the time it would take to do this would last way beyond any human lifespan.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A 256-bit private key will have <span style=\"color:#F07725\" class=\"color\">115,792,089,237,316,195,423,570,985,008,687,907,853,269,<\/span><br><span style=\"color:#F07725\" class=\"color\">984,665,640,564,039,457,584,007,913,129,639,936<\/span> (that\u2019s 78 digits) possible combinations. No Super Computer on the face of this earth can crack that in any reasonable timeframe.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Even if you use Tianhe-2 (MilkyWay-2), the fastest supercomputer in the world, it will take millions of years to crack 256-bit AES encryption.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That figure sky-rockets even more when you try to figure out the time it would take to factor an RSA private key. A 2048-bit RSA key would take 6.4 quadrillion years (6,400,000,000,000,000 years) to calculate, <a href=\"https:\/\/www.thesslstore.com\/blog\/quantum-computings-threat-public-key-cryptography-need-worry\/\">per DigiCert<\/a>. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Nobody has that kind of time.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-quantum-computing-is-going-to-change-all-of-this\">Quantum Computing is going to change all of this<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Now would actually be a good spot to <a href=\"https:\/\/www.thesslstore.com\/blog\/post-quantum-encryption\/\">talk a little bit about quantum encryption<\/a> and the threat it poses to our modern cryptographic primitives. As we\u2019ve just covered, computers work in binary. 1\u2019s and 0\u2019s. And the way bits work on modern computers is that they have to be a known value, they\u2019re either a 1 or a 0. Period. That means that a modern computer can only guess once at a time. <\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"221\" height=\"393\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/Bits.png\" alt=\"\" class=\"wp-image-10583\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/Bits.png 221w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2019\/05\/Bits-169x300.png 169w\" sizes=\"auto, (max-width: 221px) 100vw, 221px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Obviously, that severely limits how quickly it can brute\nforce combinations in an effort to crack a private key. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Quantum Computers will have no such limitations. Now, two things, first of all quantum computing is still about 7-10 years from viability, so we\u2019re still a ways off. Some CAs, like DigiCert, <a href=\"https:\/\/www.thesslstore.com\/blog\/quantum-safe-encryption-digicert\/\">have begun to put post-quantum digital certificates on IoT devices<\/a> that will have long lifespans to try and preemptively secure them against quantum computing, but other than that we\u2019re still in the research phase when it comes to quantum-proof encryption. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The issue is that quantum computers don\u2019t use bits, they use quantum bits or qubits. A quantum bit can be BOTH a 1 and a 0 thanks to a principle called superposition, which is a little more complicated than we\u2019re going to get today. Qubits give quantum computers the power to exponentiate their brute force attacks, which effectively cancels out the computational hardness provided by the exponentiation that took place with the cryptographic primitive. A four Qubit computer can effectively be in four different positions (2<sup>2<\/sup>) at once. It\u2019s 2<em><sup>n<\/sup><\/em> once again, so a Quantum Computer with n qubits can try 2<em><sup>n<\/sup><\/em> combinations simultaneously. Bristlecone, which has 72 qubits, can try 2<em><sup>72<\/sup><\/em> (4,722,366,482,869,645,213,696) values at once. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Again, we\u2019re still a ways from that and the quantum computer would have to figure out how to successfully run Shor\u2019s algorithm, another topic for another day, so this is still largely theoretical. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Still, suddenly 4.6 quadrillion years doesn\u2019t seem like such a long time. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-let-s-wrap-this-up\">Let\u2019s wrap this up\u2026<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">256-bit encryption is fairly standard in 2019, but every\nmention of 256-bit encryption doesn\u2019t refer to the same thing. Sometimes\n256-bits of encryption only rises to a security level of 128 bits. Sometimes\nkey size and security level are intrinsically linked while other times one is\njust used to approximate the other. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">So the answer to \u201chow strong is 256 bit encryption\u201d isn\u2019t one with a clear cut answer. At least not all time the time.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the context of SSL\/TLS though, it most commonly refers to\nAES encryption, where 256 bits really does mean 256 bits. And, at least for the\ntime being, that 256-bit encryption is still plenty strong. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">By the time an attacker using a modern computer is able to\ncrack a 256-bit symmetric key, not only will it have been discarded, you\u2019ll\nhave likely replaced the SSL\/TLS certificate that helped generate it, too.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Long story short, <a href=\"https:\/\/www.thesslstore.com\/blog\/71-of-organizations-dont-know-how-many-certificates-keys-they-have\/\">the biggest threat to your encryption and your encryption keys is still mismanagement<\/a>, the technology behind them is sound.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>As always, leave any comments or questions below\u2026<\/em><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"267\" src=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2018\/08\/bigstock-222348568-1024x267.jpg\" alt=\"Hashed Out by The SSL Store is the voice of record in the SSL\/TLS industry.\" class=\"wp-image-7276\" srcset=\"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2018\/08\/bigstock-222348568-1024x267.jpg 1024w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2018\/08\/bigstock-222348568-300x78.jpg 300w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2018\/08\/bigstock-222348568-768x200.jpg 768w, https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2018\/08\/bigstock-222348568.jpg 1559w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-css-opacity\"\/>\n\n\n\n<p class=\"has-text-align-center wp-block-paragraph\"><span style=\"color:#F07725\" class=\"color\"><em>This article was originally written by Jay Thakkar in 2017, it has been re-written for 2019 by Patrick Nohe.<\/em><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>256-bit encryption strength gets tossed around all the time, but most people have no idea what 256 bits of security means or how strong it actually is. Let&#8217;s hash it out.<\/p>\n","protected":false},"author":6,"featured_media":10577,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":"","tve_updated_post":"","tve_custom_css":"","tve_user_custom_css":"","tve_globals":{},"tcb2_ready":0,"tcb_editor_enabled":0,"tve_landing_page":"","_tve_header":"","_tve_footer":""},"categories":[130],"tags":[5452],"class_list":["post-5516","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-everything-encryption","tag-256-bit-encryption","post-with-tags"],"views":367152,"jetpack_featured_media_url":"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/12\/256-bit-feature.png","_links":{"self":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts\/5516","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/comments?post=5516"}],"version-history":[{"count":0,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts\/5516\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/media\/10577"}],"wp:attachment":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/media?parent=5516"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/categories?post=5516"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/tags?post=5516"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}