SSL encryption occurs at two basic levels, which for purposes of this discussion we can think of as the low level of encryption and the high level. Low-level SSL encryption uses keys of either 40 or 56 bits. High-level SSL encryption uses a full 128 or 256 bits.
Whether a given SSL session occurs at the low or the high level of encryption depends on both the configuration of the client system and the type of SSL Certificate in place on the Web server.
Many client systems are unable to take advantage of full 128-bit SSL encryption unless an SGC-enabled certificate is in place. The difference between these encryption levels is dramatic. 128-bit encryption offers 2^88 times as many possible combinations as 40-bit encryption, which is approximately equal to 300 septillion (300,000,000,000,000,000,000,000,000) times stronger. That’s over a trillion times a trillion times stronger!
The most common form of encryption breaking is “brute force” computation: trying every possible key until the right one comes up. In 1997, 40-bit SSL was broken in about four hours by a college student using this method, and nowadays it can be broken by a hacker with the right skills and a high-end home system in a matter of minutes. If this same hacker were to attack a 128-bit SSL session, it would take well over a trillion years to break that session.
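The key-length arithmetic above, worked through as an added example (not from the whitepaper or the original post). It maps a cipher suite's effective key length onto the low and high levels, computes the exact keyspace ratio, and scales the "about four hours for 40 bits" figure to longer keys. Assumptions: the function names are illustrative, the suite list is constructed sample data, and the time estimate assumes a full-keyspace search at the same rate as the 1997 break.

```python
import ssl

# Calibration point taken from the text: 40-bit SSL brute-forced in about 4 hours (1997).
BASE_BITS = 40
BASE_HOURS = 4.0
HOURS_PER_YEAR = 24 * 365.25


def level(bits):
    """Map an effective key length to the two levels used in the text."""
    if bits <= 0:
        return "none"  # NULL suites provide no encryption at all
    return "low" if bits <= 56 else "high"


def keyspace_ratio(bits, base=BASE_BITS):
    """How many times more keys `bits` offers than `base` (exact for bits >= base)."""
    return 2 ** (bits - base)


def scaled_years(bits):
    """Assumption: exhaustive search at the same keys/hour as the 1997 break."""
    return BASE_HOURS * 2.0 ** (bits - BASE_BITS) / HOURS_PER_YEAR


def audit(ciphers):
    """Return names of suites below the high level.

    `ciphers` is a list of dicts shaped like ssl.SSLContext.get_ciphers() output.
    """
    return [c["name"] for c in ciphers if level(c["strength_bits"]) != "high"]


# Constructed sample in the shape of get_ciphers() entries (not captured data).
SAMPLE = [
    {"name": "EXP-RC4-MD5", "strength_bits": 40},
    {"name": "DES-CBC-SHA", "strength_bits": 56},
    {"name": "AES128-SHA", "strength_bits": 128},
    {"name": "AES256-GCM-SHA384", "strength_bits": 256},
]

if __name__ == "__main__":
    for c in SAMPLE:
        b = c["strength_bits"]
        print(f"{c['name']:<20} {b:>3} bits  {level(b):<4}  "
              f"x{keyspace_ratio(b):.3g} keys  ~{scaled_years(b):.3g} years")
    # Same check against the suites enabled in the local Python/OpenSSL defaults.
    local = ssl.create_default_context().get_ciphers()
    print("low-level suites enabled locally:", audit(local) or "none")
```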
Whitepaper - Verisign
Intellitech I.T. Solutions Ltd. - Agents and distributors of SecureStix
Tuesday, 1 May 2007