Rails 5.2 uses AES-256-GCM authenticated encryption

By Sushant Mittal on June 26, 2018

This blog is part of our Rails 5.2 series.

Before Rails 5.2, AES-256-CBC authenticated encryption was the default cipher for encrypting messages.

It was proposed to make AES-256-GCM authenticated encryption the default cipher for encrypting messages for the following reasons:

  • It produces shorter ciphertexts and encrypts and decrypts quickly.
  • It is less error-prone and more secure.

So AES-256-GCM became the default cipher for encrypting messages in Rails 5.2.
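The size and integrity difference behind those two reasons can be seen with Ruby's standard OpenSSL bindings. This is an added example, not code from Rails or from the original post; the function names, the use of HMAC-SHA256 for the CBC variant, and the sample plaintext are assumptions made for illustration.

```ruby
require "openssl"

# AES-256-GCM: one pass produces the ciphertext and a 16-byte authentication tag.
def gcm_encrypt(key, plaintext)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = key
  iv = cipher.random_iv                 # 12-byte nonce; must never repeat under one key
  cipher.auth_data = ""                 # no associated data in this example
  ct = cipher.update(plaintext) + cipher.final
  { iv: iv, ct: ct, tag: cipher.auth_tag }
end

def gcm_decrypt(key, msg)
  raise ArgumentError, "truncated tag" unless msg[:tag].bytesize == 16
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = key
  cipher.iv = msg[:iv]
  cipher.auth_tag = msg[:tag]
  cipher.auth_data = ""
  cipher.update(msg[:ct]) + cipher.final  # raises CipherError if anything was modified
end

# AES-256-CBC has no integrity check of its own, so a separate MAC is required.
def cbc_hmac_encrypt(key, mac_key, plaintext)
  cipher = OpenSSL::Cipher.new("aes-256-cbc").encrypt
  cipher.key = key
  iv = cipher.random_iv                 # 16-byte IV
  ct = cipher.update(plaintext) + cipher.final  # padded to a 16-byte boundary
  { iv: iv, ct: ct, mac: OpenSSL::HMAC.digest("SHA256", mac_key, iv + ct) }
end

def total_size(msg)
  msg.values.sum(&:bytesize)
end

# Flip one ciphertext bit and report whether decryption rejects the message.
def rejects_tampering?(key, msg)
  ct = msg[:ct].dup
  ct.setbyte(0, ct.getbyte(0) ^ 0x01)
  gcm_decrypt(key, msg.merge(ct: ct))
  false
rescue OpenSSL::Cipher::CipherError
  true
end

key = OpenSSL::Random.random_bytes(32)  # constructed sample key
gcm = gcm_encrypt(key, "user_id=42")    # constructed sample plaintext
cbc = cbc_hmac_encrypt(key, OpenSSL::Random.random_bytes(32), "user_id=42")
puts "GCM #{total_size(gcm)} bytes, CBC+HMAC #{total_size(cbc)} bytes"
puts "tampered GCM message rejected: #{rejects_tampering?(key, gcm)}"
```

The sizes here are raw bytes before any encoding or serialization that a framework adds on top.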

If we do not want AES-256-GCM as the default cipher for encrypting messages in our Rails application, then we can disable it.

Rails.application.config.active_support.use_authenticated_message_encryption = false

The default encryption for cookies and sessions was also updated to use AES-256-GCM in this pull request.

If we do not want AES-256-GCM as the default encryption for cookies and sessions, then we can disable it too.

Rails.application.config.action_dispatch.use_authenticated_cookie_encryption = false
