SSL Information Center - SGC: True 128-Bit SSL Encryption from VeriSign, Inc.

SGC: True 128-Bit SSL Encryption

Server-Gated Cryptography (SGC) Certificates enable 128- or 256-bit SSL encryption (depending on the Web browser, operating system, and host server), the most powerful SSL encryption commercially available today.

You need the strongest SSL encryption available, when...
  • you accept credit card, debit card, purchase card, or other online payments.
  • you allow network access to confidential bank or brokerage account information.
  • you transmit health care or insurance claim records electronically.
  • you must meet privacy and security standards as a government agency.
  • your reputation depends on the privacy and integrity of your information.
Over a Trillion Times a Trillion Times Stronger

When an SSL handshake occurs between a client and server, a level of encryption is determined by the Web browser, the client computer operating system, and the SSL Certificate. Strong encryption, at 128 bits, can calculate 288 times as many combinations as 40-bit encryption. That’s over a trillion times a trillion times stronger. At current computing speeds, a hacker with the time, tools, and motivation to attack using brute force would require a trillion years to break into a session protected by an SGC-enabled certificate.

256-bit SSL Encryption

The Advanced Encryption Standard (AES) enables 256-bit encryption, much stronger than 128-bit. If your server and your site visitor’s browser support 256-bit encryption, then all VeriSign SSL Certificates will deliver this higher level of protection.

When Browsers Fail to Step Up to Strong Encryption

Even though an SSL Certificate is capable of 128-bit or 256-bit encryption, certain older browsers and operating systems still cannot connect at this level. (Building Blocks of Transparent Web Security: Server-Gated Cryptography, Yankee Group, 2005.) Without an SGC certificate on the Web server, Web browsers and operating systems that do not support 128-bit strong encryption will receive only 40- or 56-bit encryption. Users with the following browser versions and operating systems will temporarily step-up to 128-bit SSL encryption if they visit a Web site with an SGC-enabled SSL Certificate:

  • Internet Explorer export browser versions from 3.02 but before version 5.5
  • Netscape export browser versions after 4.02 and up through 4.72
  • Windows 2000 systems shipped prior to March 2001 that have not downloaded Microsoft’s High Encryption Pack or Service Pack 2 and that use Internet Explorer

(Internet Explorer browser versions prior to 3.02 and Netscape browser versions prior to 4.02 are not capable of 128-bit encryption with any SSL Certificate.)

Protect Customers with the Strongest Possible Encryption

Because Web site visitors cannot easily determine the encryption strength of a given session, they depend on the site owner to protect them. True 128-Bit SSL Certificates enable every site visitor to experience the strongest SSL encryption available to them. VeriSign is the leading SSL provider of SGC-enabled SSL Certificates, enabling 128- or 256-bit encryption to over 99.9% of Web site visitors.

Learn More
Need More Info?
Call 866-893-6565 or 650-426-5112 Request information online.
  • Certificate Center

  • Sign in to VeriSign Certificate Center