Hello i have just recently started learning about cryptography, so i was doing some little research on what kind of encryption techniques and modes that were used in bank web pages. I have noticed that some bank uses the AES_256_CBC with HMAC SHA1 and banks that uses AES_128_GCM...I have seen more banks using AES_128_GCM or AES_128_CBC over AES_256_CBC... So i would like to ask if there are any major advantages of using AES_128_GCM/CBC over AES_256_CBC or they are more or less the same and it is just a preferential
Asked
Active
Viewed 5,559 times
1
-
GCM is indeed better than CBC, because CBC had issues in the past and GCM mitigates them (CBC authenticates-then-encrypts, GCM does it the other way around). Besides that speed is the major concern I'd guess (especially considering that banks may need to serve many connections at once). AES-128 is faster than AES-256 and today neither of both can be broken. – SEJPM Nov 29 '15 at 15:45
-
Oh i see so both are secured is just 128 is faster ! Thank you very much for the reply :) – Sean95 Nov 29 '15 at 15:49
-
1The CBC vs. GCM part in answered here: http://crypto.stackexchange.com/questions/2310/what-is-the-difference-between-cbc-and-gcm-mode – otus Nov 29 '15 at 16:38