Meeting AES 256 Encryption Requirements For Data In Transit

Learn how to enable FTPS, SFTP, HTTPS, WebDAVS, OFTP, and AS2 file transfers with AES 256 bit encryption

Overview

Not many organizations require AES 256 encryption to secure their sensitive documents. But those who do might find this post quite useful. Here, we'll show you how to enable FTPS, SFTP, HTTPS, WebDAVS, OFTP, and AS2 file transfers with AES 256 bit encryption. Does that look like something you can use? Read on!

In terms of key lengths, AES encryption typically comes in 3 "varieties" - AES 128, 192, and 256. AES 256, which uses 256-bit keys, is generally considered the strongest. So far, the only organizations I know that require AES 256 encryption are the US Government (for their Top Secret Information) and the State of Iowa.

Yes, unlike other states and organizations that also require encryption, the State of Iowa is quite explicit with its encryption requirements. The use of AES 256 for "file transfers" or "data in transit" is clearly specified in the State of Iowa's Enterprise Interconnectivity Security Standard and in their Data Backup Operational Standard.

If you have similar secure file transfer requirements as the State of Iowa and the US Government AND need to transmit files using any of these protocols: HTTPS, FTPS, SFTP, WebDAVS, OFTP, or AS2, I suggest you download and install the free, fully-functional evaluation edition of JSCAPE MFT Server and follow the instructions below.

For HTTPS File Transfers

WebDAVS and AS2 (if secured by SSL/TLS) run on HTTPS, so whatever you set here will also apply to your WebDAVS and AS2 services.

Navigate to Server > Settings > Web > SSL/TLS Ciphers and then select the cipher suites you're comfortable with that use AES 256.


For FTPS File Transfers

Navigate into a domain and then go to Services > FTP/S > SSL/TLS Ciphers


Like in the HTTPS settings, select the SSL/TLS cipher suites that use AES 256.


For SFTP/SCP File Transfers

Go to Services > SFTP/SCP > Algorithms


Once the SFTP/SCP Algorithms window pops up, go to the Ciphers tab and then look for the AES 256 ciphers. Unless you prefer one mode over the other (e.g. CTR over CBC or CBC over CTR), select both.


For OFTP File Transfers

Go to Services > OFTP > SSL/TLS Ciphers and then, when the SSL/TLS cipher suites appear, select the cipher suites you like that use AES 256-bit encryption.


For WebDAVS and AS2 File Transfers

Scroll up and read the section For HTTPS File Transfers.

That's it!
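To check the selections made in the sections above, here is an added example (not from the original post and not JSCAPE code). It flags any enabled TLS cipher suite or SSH cipher name that is not AES 256, and it can probe a TLS listener to see whether it still accepts a non-AES-256 suite. The sample names, function names, and the host and port you pass in are assumptions for illustration.

```python
import re
import socket
import ssl

# AES with a 256-bit key in IANA (AES_256), OpenSSL (AES256) and SSH (aes256-ctr) naming.
_AES256 = re.compile(r"AES[_-]?256(?!\d)", re.IGNORECASE)

# Constructed sample: names as they might be copied out of the cipher dialogs.
SAMPLE_ENABLED = [
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_AES_256_GCM_SHA384",
    "aes256-ctr",
    "aes256-cbc",
    "aes128-ctr",
    "arcfour256",
    "3des-cbc",
]

def uses_aes256(name):
    """True if a TLS cipher suite or SSH cipher name specifies AES with a 256-bit key."""
    return bool(_AES256.search(name))

def non_aes256(enabled):
    """Return the enabled names that would break an AES-256-only requirement."""
    return [n for n in enabled if not uses_aes256(n)]

def accepted_non_aes256_tls12(host, port, timeout=5.0):
    """Offer only non-AES-256 suites (TLS 1.2 and below) to a TLS listener.

    Returns the suite the server accepted, or None if it refused the handshake.
    TLS 1.3 suites and explicit FTPS (which needs AUTH TLS first) are not covered.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # probing cipher negotiation only, no data is sent
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ALL:!AES256:!aNULL:!eNULL")
    with socket.create_connection((host, port), timeout=timeout) as sock:
        try:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.cipher()[0]
        except (ssl.SSLError, ConnectionResetError):
            return None

if __name__ == "__main__":
    print("Not AES-256:", non_aes256(SAMPLE_ENABLED))
```

A return value of None from `accepted_non_aes256_tls12` against your own HTTPS or implicit-TLS service means the server refused every non-AES-256 suite the client offered; any other return value names a suite that is still enabled.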