Note-to-self: Security Advisory 2868725: Recommendation to disable RC4

Source: http://blogs.technet.com/b/srd/archive/2013/11/12/security-advisory-2868725-recommendation-to-disable-rc4.aspx

Resumé:

In light of recent research into practical attacks on biases in the RC4 stream cipher, Microsoft is recommending that customers enable TLS1.2 in their services and take steps to retire and deprecate RC4 as used in their TLS implementations.

Microsoft recommends TLS1.2 with AES-GCM as a more secure alternative which will provide similar performance.

See also:

TechNet Blogs » Security Research & Defense : http://blogs.technet.com/b/srd/

And other interesting reading material referenced in the blog:

http://blog.cryptographyengineering.com/

 

 

Advertisements

Note-to-self: An Overview of Modern Cryptography on Data Encryption Summit (by BrightTalk)

Encryption, certificates and PKI become more and more import in current day to day operations.

If you got some spare time for learning online, the items below might be of interest.

10 interactive webcasts on Modern Cryptography are now available to view on-demand at BrightTalk.

Recorded 5/may/2011

About this Data Encryption summit

“With the ever-increasing volume of data and the adoption of new devices used to access it, effective security is becoming more challenging than ever. Encryption remains one of the best tools to protect sensitive personal and corporate data, but is implemented with varying degrees of success. Our presenters will discuss best practices for using encryption to achieve maximum security by exploring different products, solutions and use cases.

Over 1000 global attendees enjoyed the expert line-up of speakers discussing “modern cryptography“, “protecting corporate assets“, “encryption and social media“, “data leakage-WikiLeaks” and many more. As encryption remains one of the best tools to protect sensitive personal and corporate data, is it implemented with varying degrees of success? Review the topics below and hear our presenters discuss the best practices for using encryption to achieve maximum security by exploring different products, solutions and use cases”

The list of webinar includes:

    Keep in mind, you need to be registered with BrightTalk to watch the sessions.

Enjoy !