Update 30th May 2020

My Research Toolbox Update

Improved Security & Data Integrity

May 30, 2020


Written by Carlos Silvestre

We have officially enabled cryptographic modules that have been thoroughly tested and validated by the National Institute of Standards and Technology (NIST) Testing Laboratory. The tables below, illustrate security cipher suites in the pre and post validation phase.

Pre-Validation

Suites in server-preferred order

TLS 1.3

TLS 1.2

AES_256_GCM_SHA384

ECDHE_RSA_WITH_AES_256_GCM_SHA384

CHACHA20_POLY1305_SHA256

ECDHE_RSA_WITH_AES_128_GCM_SHA256

AES_128_GCM_SHA256

DHE_RSA_WITH_AES_256_GCM_SHA384


DHE_RSA_WITH_AES_128_GCM_SHA256


ECDHE_RSA_WITH_ARIA_256_GCM_SHA384


DHE_RSA_WITH_ARIA_256_GCM_SHA384


ECDHE_RSA_WITH_ARIA_128_GCM_SHA256


DHE_RSA_WITH_ARIA_128_GCM_SHA256

Post-Validation

Suites in server-preferred order

TLS 1.3

TLS 1.2

AES_256_GCM_SHA384

ECDHE_RSA_WITH_AES_256_GCM_SHA384


ECDHE_RSA_WITH_AES_128_GCM_SHA256


DHE_RSA_WITH_AES_256_GCM_SHA384


DHE_RSA_WITH_AES_128_GCM_SHA256



The security cipher suites selected are built on top of Federal Information Processing Standard (FIPS) certified modules containing:

(a) Bug Fixes

(b) Common Vulnerabilities and Exposures (CVE) Fixes

(c) Enhancements

(d) Additional Cryptographic Hash Functions

This is used to simultaneously verify both data integrity and authenticity of a message.

Disclaimer: We strongly value protecting the integrity of our users data. Using cryptographic modules built on top of heavily tested FIPS certified modules is a voluntary act. This is important because it defines compliance in encryption and security measures in the United States Government; which means that our systems have been thoroughly reviewed and tested to be FIPS compliant.

Scroll to Top