|
|
|
Server Gated Cryptography (SGC) was created in response to United States federal legislation on the export of strong cryptography in the 1990s. The legislation had limited encryption to weak algorithms and shorter key lengths if used in software outside of the United States of America. As the legislation included an exception for financial transactions, SGC was created as an extension to SSL, with SGC certificates only issued to financial organisations. When a SSL handshake takes place, the software (e.g. a web browser) would list the ciphers that it supports.
Although the weaker exported browsers would only include weaker ciphers in its SSL handshake, the browser did also contain stronger cryptography algorithms.
To comply with the legislation, the browser would only renegotiate the handshake to use the stronger ciphers if the browser detected that the server has a SGC certificate.
This legislation has now been revoked and SGC certificates can now be issued to any organisation. However, there are still large numbers of older browsers in use, especially outside the USA, which will only use weaker encryption unless connecting to a server that is SGC enabled. |
|
|
|
|
You need SGC-enabled SSL, if... |
- You accept credit card, debit card, purchase card, or electronic check online payments.
- Your employees or customers have network access to confidential bank or brokerage account information.
- You transmit health care records electronically.
- You must meet privacy and security standards as a government agency.
- You share insurance claim information with business partners.
- Your reputation depends on the privacy and integrity of your information.
|
Over a Trillion Times a Trillion Times Stronger When an SSL handshake occurs between a client and server, a level of encryption is determined by the browser, the client computer operating system, and the SSL Certificate. Low-level encryption, 40 or 56 bits, is acceptable for sites with low-value information. However, a hacker with the time, tools, and motivation can crack the code in a matter of minutes.
High-level encryption, at 128 bits, can calculate 288 times as many combinations as 40-bit encryption. That’s over a trillion times a trillion times stronger. That same hacker with the same tools would require a trillion years to break into a session protected by an SGC-enabled certificate.
Look for True 128-Bit SSL Certificates
Many Windows 2000 systems using Internet Explorer browser will fail to step up to 128 bits regardless of the version of Internet Explorer they're running unless they connect to an SGC-enabled certificate. Other SSL providers claim to offer 128-bit certificates, but they do not offer 128-bit SSL encryption to the most possible site visitors. Symantec is the leading SSL provider with SGC-enabled SSL Certificates, which provide 128- or 256-bit encryption to over 99.9% of Web site visitors. |
|
|
|
Pls submit your query for the commercial proposal |
|
|
|
|
|
|