All Collections
Tips & FAQ
Why does Resource Guru use a 128-bit SSL connection instead of a 256-bit one?
Why does Resource Guru use a 128-bit SSL connection instead of a 256-bit one?
Kat Pattison avatar
Written by Kat Pattison
Updated over a week ago

The reason we use 128-bit encryption instead of 256-bit is because the chance of a successful brute force attack on AES 256 is effectively zero and the chance of a successful brute force attack on AES 128 is also effectively zero. But AES 128 is faster so that's why we, and the following giants of the web, all use 128-bit encryption:
​ 
​ Apple
​ Google
​ Youtube
​ Amazon
​ Twitter
​ 
If you’re using Chrome when you’re on any of the sites above, you can see your 128-bit connection to the site by clicking on the padlock in the address bar > Connection tab > "The connection is encrypted and authenticated using …”.


As further evidence, Bruce Schneier said ”And for new applications I suggest that people don't use AES-256. AES-128 provides more than enough security margin for the foreseeable future." He is an internationally renowned security technologist, called a "security guru" by The Economist. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press.
​ 
There’s even more at: https://www.quora.com/Why-do-large-sites-like-Google-Amazon-use-128-bit-SSL-encryption-rather-than-256-bit and https://www.quora.com/In-terms-of-security-how-does-128-bit-RC4-compare-with-AES-256


Learn more

Did this answer your question?