Home > Enterprise >  AES-GCM 256-bit VS. SSL/TLS for socket security
AES-GCM 256-bit VS. SSL/TLS for socket security

Time:11-30

Is there a difference between using AES-GCM 256-bit encryption, or using SSL/TLS to pass data over a socket.

I am currently passing data back and forth from client to server, using asymmetric AES-GCM 256-bit encryption. Is there an advantage to using SSL/TLS as opposed to my current security method?

CodePudding user response:

difference between using AES-GCM 256-bit encryption, or using SSL/TLS

These cannot be directly compared.

  • AES-GCM is encryption with integrity protection - nothing more.
    It needs an encryption key which somehow needs to be exchanged between the sender and recipient - how this is done is out of scope of AES-CGM.
  • SSL/TLS is a protocol specifically to protect a communication between two parties.
    It provides encryption and integrity protection (for example using AES-CGM), but much more: Key exchange to compute a common key which is then used in the encryption, replay protection, authentication of the server to protect against man in the middle attacks.

Thus, better use SSL/TLS since it provides not only encryption but much more of what is needed for secure communication.

Page link:https//www.codepudding.com/Enterprise/626803.html

Prev:How to obtain the body response in the client-side?
Next:how can I get generate implement type for gtest?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding