Rails 5.2 uses AES-256-GCM authenticated encryption

Sushant Mittal

By Sushant Mittal

on June 26, 2018

This blog is part of our  Rails 5.2 series.

Before Rails 5.2, AES-256-CBC authenticated encryption was the default cipher for encrypting messages.

It was proposed to use AES-256-GCM authenticated encryption as the default cipher for encrypting messages because of following reasons:

  • It produces shorter ciphertexts and performs quick encryption and decryption.
  • It is less error prone and more secure.

So, AES-256-GCM became default cipher for encrypting messages in Rails 5.2 .

If we do not want AES-256-GCM as default cipher for encrypting messages in our rails application, then we can disable it.

1Rails.application.config.active_support.use_authenticated_message_encryption = false

Default Encryption for cookies and sessions was also updated to use AES-256-GCM in this pull request.

If we do not want AES-256-GCM as default encryption of cookies and sessions, then we can disable it too.

1Rails.application.config.active_support.use_authenticated_cookie_encryption = false

If you liked this blog, you might also like the other blogs we have written. Check out the full archive.

Stay up to date with our blogs. Sign up for our newsletter.

We write about Ruby on Rails, React.js, React Native, remote work,open source, engineering & design.