hi!

when i connect with flashfxp (v3.0.2.1044) i get this msg in status window:

[R] SSL encrypted session using cipher DHE-RSA-AES256-SHA (256 bits)

so far, so good.
but... sometimes it looks like this (same server):

[R] SSL encrypted session using cipher EDH-RSA-DES-CBC3-SHA (168 bits)


maybe somebody can tell the difference?
i always thought that AES256 was one of the strongest algos...
why does it change?



wasabi

I think the crypto-algorithm is chosen by ftp server.

168bit cipher is 3DES, a mode of the DES encryption algorithm that encrypts data three times. Three 56-bit keys are used, instead of one, for an overall key length of 168 bits.

Personally, I trust 3DES algorithm instead of AES. Because DES/3DES is an "old" cipher. It has been studied thoroughly for decades. And there is no attacks have been found against 3DES yet.

Detail info:
http://kingkong.me.berkeley.edu/~kenneth/courses/sims250/des.html

sorry for my bad english..