all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Is the use of EDCH without ephemeral key generation considered best practice?

Add to bookmarks
Aug. 1, 2023, 10:26 a.m. | /u/iamjacksbladder

cybersecurity www.reddit.com

Struggling to find the answer to this, from a best practice perspective should we be mandating the use of ephemeral key generation?

Current approval ciphers include TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 at 265 key bite length and ephemeral key suggested but not mandated.

On looking this up the cipher is showing as weak without ephemeral due to PFS not being supported.

best practice cipher ciphers current cybersecurity find key length perspective practice

Visit resource

More from www.reddit.com / cybersecurity

New Cuttlefish malware infects routers to monitor traffic for credentials 2 hours ago | www.reddit.com
credentials cuttlefish cuttlefish malware cybersecurity +4
Shortridge Makes Sense of the 2024 Verizon DBIR 7 hours ago | www.reddit.com
big cybersecurity dbir fan +2
CISA Releases Fact Sheet on Defending OT Environments 9 hours ago | www.reddit.com
cisa cybersecurity defending environments +3
For those actively in the job market and having trouble, what specifically is the hardest … 10 hours ago | www.reddit.com
bad current cybersecurity experience +9
Dropbox Says Hackers Breached Digital-Signature Product 11 hours ago | www.reddit.com
breached cybersecurity digital dropbox +3
Creating a breach search website? 15 hours ago | www.reddit.com
breach breached breaches companies +11
Is it normal to see your tools lie? 17 hours ago | www.reddit.com
alert cybersecurity dig expect +10
Remediation Timelines for different types of Network Devices 17 hours ago | www.reddit.com
best practices business business continuity challenges +16
Need to vent. Mantrap to be used as auxiliary office… 21 hours ago | www.reddit.com
cybersecurity intern key leadership +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs