Technical reference details about encryption in Office 365

Refer to this article to learn about certificates, technologies, and TLS cipher suites used for encryption in Office 365. This article also provides details about planned deprecations.

Microsoft Office 365 certificate ownership and management

You do not need to purchase or maintain certificates for Office 365 because Microsoft uses its own certificates.

Current encryption standards and planned deprecations

In order to continue to provide best-in-class encryption for Office 365, Microsoft regularly reviews supported encryption standards. Sometimes, we need to deprecate old standards as they become out of date and therefore less secure. This topic describes currently supported cipher suites and other standards as well as details about planned deprecations.

Versions of TLS supported by Office 365

Transport Layer Security (TLS), and SSL that came before TLS, are cryptographic protocols that secure communication over a network by using security certificates to encrypt a connection between computers. Office 365 supports several versions of TLS, including:

  • TLS version 1.2 (TLS 1.2)

  • TLS version 1.1 (TLS 1.1)

  • TLS version 1.0 (TLS 1.0)

TLS 1.0 and TLS 1.1 support will be deprecated October 31, 2018. For more information, see "Deprecating support for TLS 1.0 and 1.1 and what this means for you".

Deprecating support for TLS 1.0 and 1.1 and what this means for you

As of October 31, 2018, Office 365 will no longer support TLS 1.0 and 1.1. This means that Microsoft will not fix new issues that are found in clients, devices, or services that connect to Office 365 by using TLS 1.0 and 1.1.

Note: This doesn't mean Office 365 will block TLS 1.0 and 1.1 connections. There is no official date for disabling or removing TLS 1.0 and 1.1 in the TLS service for customer connections. The eventual deprecation date will be determined by customer telemetry and is not yet known. After a decision is made, there will be an announcement six months in advance unless we become aware of a known compromise, in which case we may have to act in less than six months to protect customers who use the services.

You should make sure that all client-server and browser-server combinations use TLS 1.2 (or a later version) to maintain connection to Office 365 services. You may have to update certain client-server and browser-server combinations. For information about how this impacts you, see Preparing for the mandatory use of TLS 1.2 in Office 365.

Deprecating support for 3DES

As of October 31, 2018, Office 365 will no longer support the use of 3DES cipher suites for communication to Office 365. More specifically, Office 365 will no longer support the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher suite. Clients and servers communicating with Office 365 after this date must support at least one of the more secure ciphers listed in this topic (see TLS cipher suites supported by Office 365).

Deprecating SHA-1 certificate support in Office 365

As of June 2016, Office 365 no longer accepts a SHA-1 certificate for outbound or inbound connections. If you are currently using a certificate with SHA-1 in the certificate chain, you will need to update the chain to use SHA-2 (Secure Hash Algorithm 2) or a stronger hashing algorithm.

Deprecating RC4 support in Office 365

In July 2015, support for the following RC4 cipher suites was discontinued:

  • TLS_RSA_WITH_RC4_128_SHA

  • TLS_RSA_WITH_RC4_128_MD5

Deprecating Secure Sockets Layer (SSL) 3.0 support in Office 365

Starting December 1, 2014, Office 365 began disabling support for Secure Sockets Layer (SSL) 3.0, the predecessor to TLS. For more information, see Security advisory 3009008. For instructions on how to ensure clients are using TLS 1.0 or higher and to disable SSL 3.0, see Protecting SSL 3.0 vulnerability.

TLS cipher suites supported by Office 365

A cipher suite is a collection of encryption algorithms that TLS uses to establish secure connections. Cipher suites supported by Office 365 are listed in the following table in order of strength, with the strongest cipher suite listed first. When Office 365 receives a connection request, Office 365 first attempts to connect using the topmost cipher suite; if that is unsuccessful, it tries the second cipher suite in the list, and so on down the list. When Office 365 sends a connection request to another server or to a client, it's up to the receiving server or client to choose the cipher suite or whether TLS will be used at all.

| Protocols | Cipher suite name | Key exchange algorithm/Strength | Perfect Forward Secrecy support | Authentication algorithm/Strength | Cipher/Strength |
|---|---|---|---|---|---|
| TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 | ECDH/192 | Yes | RSA/112 | AES/256 |
| TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 | ECDH/128 | Yes | RSA/112 | AES/128 |
| TLS 1.0, 1.1, 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 | ECDH/192 | Yes | RSA/112 | AES/256 |
| TLS 1.0, 1.1, 1.2 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 | ECDH/128 | Yes | RSA/112 | AES/128 |
| TLS 1.2 | TLS_RSA_WITH_AES_256_CBC_SHA256 | RSA/112 | No | RSA/112 | AES/256 |
| TLS 1.2 | TLS_RSA_WITH_AES_128_CBC_SHA256 | RSA/112 | No | RSA/112 | AES/128 |
| TLS 1.0, 1.1, 1.2 | TLS_RSA_WITH_AES_256_CBC_SHA | RSA/112 | No | RSA/112 | AES/256 |
| TLS 1.0, 1.1, 1.2 | TLS_RSA_WITH_AES_128_CBC_SHA | RSA/112 | No | RSA/112 | AES/128 |
| TLS 1.0, 1.1, 1.2 | TLS_RSA_WITH_3DES_EDE_CBC_SHA | RSA/112 | No | RSA/112 | 3DES/192 |
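
The selection order described above, applied to the table on this page, as an added example (not Microsoft's code). It assumes the `_P256`/`_P384` suffix names the elliptic curve the client must support and that the highest TLS version both sides share is used; it also reports what the same client would get if only TLS 1.2 and the non-3DES suites were available. The client profiles are constructed.

```python
import re

ALL = ("1.0", "1.1", "1.2")
# Preference order and protocol column copied from the table on this page.
O365_SUITES = [
    (("1.2",), "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384"),
    (("1.2",), "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256"),
    (ALL, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384"),
    (ALL, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256"),
    (("1.2",), "TLS_RSA_WITH_AES_256_CBC_SHA256"),
    (("1.2",), "TLS_RSA_WITH_AES_128_CBC_SHA256"),
    (ALL, "TLS_RSA_WITH_AES_256_CBC_SHA"),
    (ALL, "TLS_RSA_WITH_AES_128_CBC_SHA"),
    (ALL, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"),
]

def negotiate(versions, suites, curves=(), table=O365_SUITES, allowed=ALL):
    """Return (version, suite) chosen by server preference, or None."""
    common = [v for v in allowed if v in versions]
    if not common:
        return None
    version = max(common)  # highest version both sides support
    for protocols, name in table:
        m = re.fullmatch(r"(.+)_(P\d+)", name)  # split off the curve suffix
        base, curve = m.groups() if m else (name, None)
        if (version in protocols and base in suites
                and (curve is None or curve in curves)):
            return version, name
    return None  # no shared suite for that version: handshake fails

def audit(versions, suites, curves=()):
    """Compare today's result with a TLS 1.2-only, no-3DES server."""
    hardened = [row for row in O365_SUITES if "3DES" not in row[1]]
    return {
        "today": negotiate(versions, suites, curves),
        "tls12_no_3des": negotiate(versions, suites, curves,
                                   table=hardened, allowed=("1.2",)),
    }

# Constructed client profiles (not taken from the page).
LEGACY = ({"1.0"}, {"TLS_RSA_WITH_AES_128_CBC_SHA",
                    "TLS_RSA_WITH_3DES_EDE_CBC_SHA"})
MODERN = (set(ALL), {"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                     "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"}, {"P256"})

if __name__ == "__main__":
    for label, profile in (("legacy", LEGACY), ("modern", MODERN)):
        print(label, audit(*profile))
```

A profile whose `tls12_no_3des` result is `None` is one that connects today only through a deprecated protocol version or cipher and needs updating.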

Encryption in Office 365

Set up encryption in Office 365 Enterprise

Schannel implementation of TLS 1.0 in Windows security status update: November 24, 2015

TLS/SSL Cryptographic Enhancements (Windows IT Center)