Meeting AES 256 Encryption Requirements For Data In Transit

Updated by John Carl Villanueva on


Not many organizations require AES 256 encryption to secure their sensitive documents. But those who do might find this post quite useful. Here, we'll show you how to enable FTPS, SFTP, HTTPS, WebDAVS, OFTP, and AS2 file transfers with AES 256 bit encryption. Does that look like something you can use? Read on!

In terms of key lengths, AES encryption typically comes in 3 "varieties" - AES 128, 192, and 256. AES 256, which uses 256-bit keys, is generally considered the strongest. So far, the only organizations I know that require AES 256 encryption are the US Government (for their Top Secret Information) and the State of Iowa. 

Yes, unlike other states and organizations that also require encryption, the State of Iowa is quite explicit with its encryption requirements. The use of AES 256 for "file transfers" or "data in transit" is clearly specified in the State of Iowa's Enterprise Interconnectivity Security Standard and in their Data Backup Operational Standard

If you have similar secure file transfer requirements as the State of Iowa and the US Government AND need to transmit files using any of these protocols: HTTPS, FTPSSFTP,WebDAVSOFTP, or AS2, I suggest you download and install the free, fully-functional evaluation edition of JSCAPE MFT Server and follow the instructions below.

Download Now  


For HTTPS File Transfers

WebDAVS and AS2 (if secured by SSL/TLS) run on HTTPS, so what ever you set here will also apply to your WebDAVS and AS2 services. 

Navigate to Server > Settings > Web > SSL/TLS Ciphers and then select the cipher suites you're comfortable with that use AES 256. 




For FTPS File Transfers

Navigate into a domain and then go to Services > FTP/S > SSL/TLS Ciphers





Like in the HTTPS settings, select the SSL/TLS cipher suites that use AES 256.




For SFTP/SCP File Transfers

Go to Services > SFTP/SCP > Algorithms




Once the SFTP/SCP Algorithms window pops-up, go to the Ciphers tab and then look for the AES 256 ciphers. Unless you prefer one mode over the other (e.g. CTR over CBC or CBC over CTR), select both.




For OFTP File Transfers

Go to Services > OFTP > SSL/TLS Ciphers and then, when the SSL/TLS Cipher Suites appears, select the cipher suites you like that use AES 256-bit encryption.




For WebDAVs and AS2 File Transfers

Scroll up and read the section For HTTPS File Transfers.


That's it!

If you like reading posts like this, subscribe to this blog or connect with us.



Topics: JSCAPE MFT, Secure File Transfer, SFTP, FTPS, AS2