Weak Cipher

Introduction

In the best practice HTTP vs HTTPs, we discussed how important it is to secure the transmission of data between your customers and your servers. HTTPS is the correct way to do this. When you encrypt your data using HTTPS, there is a key that is involved, and security experts recommend that you use a key length of 128 or 256 to help protect your connections – since smaller keys can be easily broken using brute force methods.

Background

As computers become more and more powerful, breaking weak ciphers (encrypted data streams with short keys) becomes more and more trivial.

The Issue

Even if your data is encrypted using HTTPS, hackers will find any weakness they can to break into your data and glean information. Using a weak cipher allows the “bad guys” the ability to brute force your encryption – since short keys can be broken with today’s powerful computation.

Best Practice Recommendation

If Video Optimizer detects a cipher that is considered too short it will flag that connection – show you the name of the cipher, so that you can pinpoint this connection that has the weak cipher – allowing you to rectify the issue – helping protect the data you are transmitting with a stronger method of encryption.