IECrypto
IECrypto 0.1

Note:

This program was originally announced in comp.security.pgp.discuss and was available from the author's home page, but that page has been down for some time. Since I have been unable to locate the program anywhere else on the Net, and since the program is GPL'ed, I am now making it available from this page. IECrypto is provided "as is," exactly as I found it on the author's old home page.

From the author:

I just started internet banking and wanted to see what algorithms were being used with both Internet Explorer 4/5 and Netscape Navigator 4.3 for SSL. For some reason Netscape will default to using RC4. By going to the security settings and clicking on 'Navigator' a user can tell Netscape what encryption algorithms to use by disabling all the other algorithms. I like 3DES and SHA1, and didn't want to use RC4. Netscape gives you this special feature within the application.

On the other hand, Internet Explorer gives you no such option to change its settings, and still defaults to RC4. So I went on a scavenger hunt to find the information I needed to modify the registry. I found this document...

http://support.microsoft.com/default.aspx?scid=KB;en-us;q245030

...and found the information I was looking for. I have added this feature to IE.

Download Binaries and Source here:

IECrypto.zip (201 kb)

By choosing the FIPS level within IECrypto, a user can force Internet Explorer to use 3DES and SHA (or any other combination) in SSL transactions.

BTW: You can test what SSL algorithm is defaulted by going to:

https://www.fortify.net/sslcheck.html

The highlighted algorithm on Fortify is the algorithm is the default algorithm currently being used. I have tried many SSL sites and it always defaults to RC4. If you select in IECrypto the FIPS method, the SSL layer will always choose the securest algorithm (in my opinion) 3DES. 

BTW: You must restart IE after executing IECrypto.

-Sincerely,
Ryan Phillips

/*

IECrypto: Use any SSL encryption algorithm you want with Internet Explorer Copyright (C) 2000 Ryan Phillips

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the

Free Software Foundation, Inc. 
59 Temple Place 
Suite 330
Boston, MA 02111-1307 
USA

*/

Home [frames]          Home [no frames]

© 2000-2003 Eric L. Howes