Secure Sockets Layer

What level of encryption is used?

There are two popular levels of encryption that are used in SSL.  40 bit and 128 bit.  The difference is night and day.  The RSA site describes it in the following way:

Equated to the real world, sending information without encryption is like sending a postcard through the mail - the contents are visible to anyone who wants to see it.  Using this analogy, 40-bit encryption is like sending the information in an plain white envelope, and 128-bit encryption is like encasing your data in a lead-lined, 6-inch thick titanium safe that is being transported by an armored tank with a convoy of a hundred armed guards.   In other words, 128-bits is considerably more secure than 40.

As it was discussed in class, it is illegal to export 128 bit encryption out of the country.  Therefore, international transactions will be less secure.  This should be a concern for the Internet community.  The notion of the the 128 bit encryption being in 6 inch titanium is a little bit overstated.  The encryption can be broken.  If you don't believe it, follow this link.

To check to see what type on encryption you are using check your browsers encryption preferences.

Where can I get more information?

Paul Palicki