FAQ -> FAQ Answers

How strongly secure is SSL encryption?

The explanation below contains technical language and is provided for your for piece-of-mind only. You do not need vast computer knowledge to use our secure servers.

SSL (Secure Socket Layer) uses an encryption method that involves our server and the viewer of the web site exchanging a session key. This key is used to encrypt the communications between the two so they are the only ones able to read the communication. Nobody in-between the two parties can read anything except the highly encrypted jumble of information being sent.

Each transaction uses an individual session key so that in the extraordinarily unlikely scenario that someone cracks the server's secret key, subsequent secure communications use a completely different key. The subsequent keys would take the same amount of time to decode as the first.

The first step in getting at any data transmitted is to find a way of intercepting it. This is an extremely hard step in itself. Cracking the data afterwards simply isn't realistic, especially in comparison to intercepting your mail or something less complex.

Server and browsers have the capability to do encryption with a key as small as 40-bit, all the way to 128-bit. 40-bit encryption is considered by some to be insecure. They feel that because an extremely powerful group of computers can work together to break the encryption by trying each of the 2^40 possible keys, that it should not be used for serious encryption.

A French researcher proved them correct by using a powerful network to break a 40-bit encrypted communication in a little over a week. Naturally even taking this "short" amount of time to break the encryption is irrelevant because the transaction had been finished over a week ago. The hacker didn't even get close.

Using a larger secret key obviously makes the encryption stronger and harder to crack. 128-bit encryption (the kind both our payments and our client secure server use) is not merely four-times as strong. It is a massive 2^128 rather than 2^40. That means there are over a trillion times a trillion possible key combinations.

It would take longer than the estimated age of the entire universe to crack the communication. Nobody would even try.

Here is the table of possible key combinations for key sizes.

Key Size

Possible Key Combinations

2-bit
3-bit
4-bit
5-bit
6-bit
7-bit
8-bit
9-bit
10-bit
11-bit
12-bit
16-bit
24-bit
30-bit
40-bit
56-bit
128-bit

2^2 2x2 = 4
2^3 2x2x2 = 8
2^4 2x2x2x2 = 16
2^5 2x2x2x2x2 = 32
2^6 2x2x2x2x2x2 = 64
2^7 2x2x2x2x2x2x2 = 128
2^8 2x2x2x2x2x2x2x2 = 256
2^9 2x2x2x2x2x2x2x2x2 = 512
2^10 2x2x2x2x2x2x2x2x2x2 = 1024
2^11 2x2x2x2x2x2x2x2x2x2... = 2048
2^12 2x2x2x2x2x2x2x2x2x2... = 4096
2^16 2x2x2x2x2x2x2x2x2x2... = 65536
2^24 2x2x2x2x2x2x2x2x2x2... = 16.7 million
2^30 2x2x2x2x2x2x2x2x2x2... = 1 billion (1,073,741,800)
2^40 2x2x2x2x2x2x2x2x2x2... = 1 trillion (1,097,728,000,000)
2^56 2x2x2x2x2x2x2x2x2x2.... = 72 thousand quadrillion (71,892,000,000,000,000)
2^128 2x2x2x2x2x2x2x2x2x2......... = 339,000,000,000,000,000,000,000,000,000,000,000 (give or take a couple of trillion...)

Simply, 128-bit security of SSL is totally secure for both your payment transactions and communications from our secure server.

Please go back to see more Frequently Asked Questions or contact us if you cannot find the answer to your enquiry.

Cherry Web Hosting Web Hosting Plans
FAQ Support Web Design
About Cherry Contact Cherry Resources

Contact Cherry