AES-GCM 256-bit VS. SSL/TLS for socket security

Question:

Is there a difference between using AES-GCM 256-bit encryption and using SSL/TLS to pass data over a socket?

I am currently passing data back and forth from client to server, using asymmetric AES-GCM 256-bit encryption. Is there an advantage to using SSL/TLS as opposed to my current security method?

Asked By: Tiwaz Tyr


Answers:

difference between using AES-GCM 256-bit encryption, or using SSL/TLS

These cannot be directly compared.

  • AES-GCM is encryption with integrity protection – nothing more.
    It needs an encryption key which somehow needs to be exchanged between the sender and recipient – how this is done is out of scope of AES-GCM.
  • SSL/TLS is a protocol specifically to protect a communication between two parties.
    It provides encryption and integrity protection (for example using AES-GCM), but much more: key exchange to compute a common key which is then used in the encryption, replay protection, authentication of the server to protect against man-in-the-middle attacks.

Thus, better use SSL/TLS since it provides not only encryption but much more of what is needed for secure communication.

Answered By: Steffen Ullrich
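
The replay-protection point from the answer above, as an added Go example that is not part of the original answer: the same AES-256-GCM record is delivered twice, first to a stateless receiver and then to one that binds the nonce to its own record counter, which is the kind of bookkeeping a protocol layer such as TLS adds on top of the cipher. The names `seqNonce`, `SeqReceiver` and `ReplayDemo`, the nonce layout and the pre-shared key are assumptions made for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// seqNonce encodes a record counter as a 12-byte GCM nonce (layout assumed here).
func seqNonce(seq uint64) []byte {
	n := make([]byte, 12)
	binary.BigEndian.PutUint64(n[4:], seq)
	return n
}

// SeqReceiver counts records itself instead of trusting a nonce from the wire.
type SeqReceiver struct {
	aead cipher.AEAD
	seq  uint64
}

// Open accepts ct only if it was sealed for the next expected counter value.
func (r *SeqReceiver) Open(ct []byte) ([]byte, error) {
	pt, err := r.aead.Open(nil, seqNonce(r.seq), ct, nil)
	if err == nil {
		r.seq++
	}
	return pt, err
}

// ReplayDemo reports whether a record delivered twice is accepted both times.
func ReplayDemo() (bareAccepts, seqAccepts bool) {
	key := make([]byte, 32) // pre-shared here; AES-GCM itself has no key exchange
	rand.Read(key)
	block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
	aead, _ := cipher.NewGCM(block)
	ct := aead.Seal(nil, seqNonce(0), []byte("transfer 100"), nil) // constructed record 0
	// Bare AES-GCM: the receiver takes the nonce sent with the record, keeps no state.
	_, e1 := aead.Open(nil, seqNonce(0), ct, nil)
	_, e2 := aead.Open(nil, seqNonce(0), ct, nil) // same bytes delivered again
	// Counter-bound nonce: the same bytes fail once the receiver has moved on.
	rx := &SeqReceiver{aead: aead}
	_, e3 := rx.Open(ct)
	_, e4 := rx.Open(ct)
	return e1 == nil && e2 == nil, e3 == nil && e4 == nil
}

func main() { fmt.Println(ReplayDemo()) }
```

The counter only covers replay within one session under one key; key exchange and server authentication, the other items in the answer's list, are not addressed by this sketch.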