Will Disabling All Non-256-bit Cipher Suites Cause An Issue?

Sahin

9/25/23, 8:26 AM

I want to disable some risky cipher suites (especially for TLS 1.1 and 1.0) which are 128-bit, in order to achieve a more secure server in Windows. But these cipher suites may be used by some client. They probably use a 256 bit version of some cipher suite. I just want to be sure this won't cause a problem.

0 + 0

security

ssl

https

cipher

Steffen Ullrich

9/25/23, 8:38 AM

There is nothing known about the clients which access your server, so it is impossible to say if this would be a problem.

Score:4

Server

Matthew Ife

9/25/23, 8:47 AM

Its not possible to answer this conclusively.

Generally SSL/TLS negotiates up to the strongest possible cipher and most modern systems of at least the last 5 years will support 256 bit symmetric ciphers.

You have to make a pragmatic decision as to what you want.

You can either choose to speak to less secure clients using 'risky cipher suites' and not block them, or not speak to these clients and cause a problem for them, but become more secure.

Its kind of a mutually exclusive deal.

Only you are in a position to know the SSL clients you speak to. You're going to need to do an analysis or stachostic guess on:

Who you're clients are.
How recent are their SSL clients.
What the actual impact is of not speaking to any blocked clients to your service delivery.

If you want any confidence at all on what impact it might have.

Failing that, if you do not have the time, money or inclination you can just change it and see if you hear any bad news..

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Will Disabling All Non-256-bit Cipher Suites Cause An Issue?

TH: การปิดใช้งาน Cipher Suites ที่ไม่ใช่ 256 บิตทั้งหมดจะทำให้เกิดปัญหาหรือไม่

RO: Dezactivarea tuturor suitelor de criptare non-256 de biți va cauza o problemă?

RU: Вызовет ли отключение всех не 256-битных наборов шифров проблему?

VI: Việc vô hiệu hóa tất cả các bộ mật mã không phải 256-bit có gây ra sự cố không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.