How to select the safest Encryption – AES-GCM to obtain PERFECT FORWARD SECRECY
Galois/Counter Mode (GCM)
GCM is free of patent claims, and has no known security problems.
AES-GCM is supported in TLS v1.2.
DISABLE CBC Encryption
Even Google relies on RC4 as its primary algorithm, and the credit card standard PCI DSS required server administrators to disable all CBC algorithms and accept connections only via RC4. THIS IS A MAJOR MISTAKE. You may prefer to BANISH CBC options.
Perfect Forward Secrecy
With this approach, the real key is never transmitted across the wire, and the temporary key is destroyed. The stunning advantage is that even if an attacker hijacks the connection and later gains possession of the private key, they cannot decrypt the content. This property is called PERFECT FORWARD SECRECY.
TLS v1.2
TLS provides a key exchange with elliptic curve Diffie-Hellman (ECDHE).
In TLS v1.2, AES encryption is supported both in CBC mode, which is to be avoided, and in the desirable GCM mode (Galois/Counter Mode).
Both are offered with and without Perfect Forward Secrecy.
Disable everything except the GCM algorithms.
This approach means that all applications and clients must use TLS v1.2.
For the GCM algorithms in TLS 1.2 to work, you need a version of OpenSSL newer than 1.0.1.
Apache v 2.4
Apache Version 2.4 or newer offers algorithms that perform a key exchange with elliptic curves (ECDHE).
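The policy described above (keep only AES-GCM suites negotiated with an ephemeral key exchange), as an added example that is not from the original article: a Python audit of OpenSSL-style TLS 1.2 suite names that renders the survivors as a mod_ssl SSLCipherSuite line. The sample list is constructed, the function names are hypothetical, and counting DHE as forward-secret alongside ECDHE is an assumption beyond the text, which names only ECDHE.

```python
# Added example: sort OpenSSL-style TLS 1.2 suite names by mode and forward
# secrecy, then keep only the suites the policy on this page allows.
EPHEMERAL_KX = {"ECDHE", "DHE", "EDH"}    # fresh key per session: forward secrecy
STATIC_KX = {"ECDH", "DH", "PSK", "SRP"}  # named in the suite, but not ephemeral

# Constructed sample list (real OpenSSL suite names, not taken from any server).
SAMPLE_SUITES = [
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-SHA",
    "AES256-SHA",
    "ECDHE-RSA-RC4-SHA",
    "RC4-SHA",
]

def classify(suite):
    """Return (key_exchange, forward_secret, mode) for one suite name."""
    parts = suite.upper().split("-")
    # OpenSSL leaves the key exchange out of plain RSA names such as "AES256-SHA".
    kx = parts[0] if parts[0] in EPHEMERAL_KX | STATIC_KX else "RSA"
    if "GCM" in parts:
        mode = "GCM"
    elif "RC4" in parts:
        mode = "RC4"
    elif any(p.startswith("CCM") for p in parts):
        mode = "OTHER"  # AES-CCM is an AEAD mode, not CBC
    elif any(p.startswith(("AES", "CAMELLIA")) or p == "CBC3" for p in parts):
        mode = "CBC"    # block-cipher suites with no AEAD tag in the name use CBC
    else:
        mode = "OTHER"
    return kx, kx in EPHEMERAL_KX, mode

def audit(suites):
    """Split suites into (keep, drop); each drop entry carries its reason."""
    keep, drop = [], []
    for name in suites:
        kx, pfs, mode = classify(name)
        if mode != "GCM":
            drop.append((name, f"{mode} mode"))
        elif not pfs:
            drop.append((name, f"{kx} key exchange, no forward secrecy"))
        else:
            keep.append(name)
    return keep, drop

def apache_cipher_line(suites):
    """Render the kept suites as a mod_ssl SSLCipherSuite directive."""
    return "SSLCipherSuite " + ":".join(audit(suites)[0])
```

AES128-GCM-SHA256 is the case a plain "GCM only" filter lets through: it is GCM, but with a static RSA key exchange, so it offers no forward secrecy.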
RFC 5647
AES Galois Counter Mode for the Secure Shell Transport Layer Protocol
https://tools.ietf.org/html/rfc5647
*****
Full credit to http://www.admin-magazine.com
****
Attacks on SSL – A Comprehensive Study of BEAST, CRIME, TIME, BREACH, Lucky 13 & RC4 Biases
https://www.isecpartners.com/media/106031/ssl_attacks_survey.pdf