Cipher suite
A cipher suite is a named combination of authentication, encryption, message authentication code (MAC) and key exchange algorithms used to negotiate the security settings for a network connection using the Transport Layer Security (TLS) / Secure Sockets Layer (SSL) network protocol.
The structure and use of the cipher suite concept is defined in the documents that define the protocol.[1] A reference for named cipher suites is provided in the TLS Cipher Suite Registry.[2]
Use
When a TLS connection is established, a handshake, known as the TLS Handshake Protocol, occurs. Within this handshake, a client hello (ClientHello) and a server hello (ServerHello) message are passed.[3] First, the client sends a cipher suite list, a list of the cipher suites that it supports, in order of preference. Then the server replies with the cipher suite that it has selected from the client cipher suite list.[4] To test which TLS ciphers a server supports, an SSL/TLS scanner may be used.
Detailed description
Each named cipher suite, e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, defines a key exchange algorithm, a bulk encryption algorithm, a message authentication code (MAC) algorithm, and a pseudorandom function (PRF).[5][6][4]
- The key exchange algorithm, e.g. ECDHE_RSA, is used to determine if and how the client and server will authenticate during the handshake.[7]
- The bulk encryption algorithm, e.g. AES_128_GCM, is used to encrypt the message stream. It also includes the key size and the lengths of explicit and implicit initialization vectors (cryptographic nonces).[8]
- The message authentication code (MAC) algorithm, e.g. SHA256, is used to create the message digest, a cryptographic hash of each block of the message stream.[8]
- The pseudorandom function (PRF), e.g. TLS 1.2's PRF using the MAC-algorithm's hash function, is used to create the master secret, a 48-byte secret shared between the two peers in the connection. The master secret is used as a source of entropy when creating session keys, such as the one used to create the MAC.[9]
Examples of algorithms used
- key exchange/agreement: RSA, Diffie-Hellman, ECDH, SRP, PSK
- authentication: RSA, DSA, ECDSA
- bulk ciphers: RC4, Triple DES, AES, IDEA, DES, or Camellia. In older versions of SSL, RC2 was also used.
- message authentication: For TLS, a Hash-based Message Authentication Code using MD5 or one of the SHA hash functions is used. For SSL, SHA, MD5, MD4, and MD2 are used.
Programming references
Programmatically, a cipher suite is referred to as:
- CipherSuite cipher_suites: a list of the cryptographic options supported by the client[10]
- CipherSuite cipher_suite: the cipher suite selected by the server from the client's cipher_suites and revealed in the ServerHello message[11]
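The following added example (not code from RFC 5246 or from the original page) ties the handshake, the naming scheme and the cipher_suites field together: it extracts the client's preference-ordered list from a ClientHello body, picks a suite, and splits a suite name into its parts. The sample ClientHello bytes are constructed, the registry table is a small excerpt, and the selection policy (honour the client's order) is an assumption; servers may apply their own preference.

```python
import struct

# Excerpt of the TLS Cipher Suite Registry: code point -> name.
REGISTRY = {
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}

# Constructed ClientHello body: version 0x0303, 32-byte random, empty
# session_id, three 2-byte suites, then one compression method (null).
SAMPLE_HELLO = (bytes.fromhex("0303") + bytes(32) + b"\x00"
                + bytes.fromhex("0006c02f009c000a") + b"\x01\x00")

def parse_cipher_suites(hello: bytes) -> list:
    """Return the cipher_suites code points, in client preference order."""
    pos = 2 + 32                            # skip client_version + random
    if len(hello) < pos + 1:
        raise ValueError("truncated ClientHello")
    pos += 1 + hello[pos]                   # skip session_id (1-byte length)
    if len(hello) < pos + 2:
        raise ValueError("truncated ClientHello")
    (n,) = struct.unpack_from("!H", hello, pos)
    pos += 2
    # Each CipherSuite is two bytes; the vector must fit inside the message.
    if n < 2 or n % 2 or pos + n > len(hello):
        raise ValueError("malformed cipher_suites vector")
    return list(struct.unpack_from("!%dH" % (n // 2), hello, pos))

def server_select(client_suites, server_supported):
    """First client-preferred suite the server also supports, else None."""
    for suite in client_suites:
        if suite in server_supported:
            return suite
    return None

def split_name(name: str) -> dict:
    """Split TLS_<key exchange>_WITH_<bulk cipher>_<MAC> into its parts."""
    key_exchange, rest = name[len("TLS_"):].split("_WITH_")
    bulk_cipher, mac = rest.rsplit("_", 1)
    return {"key_exchange": key_exchange, "bulk_cipher": bulk_cipher, "mac": mac}

if __name__ == "__main__":
    offered = parse_cipher_suites(SAMPLE_HELLO)
    chosen = server_select(offered, {0x009C, 0x000A})
    print([REGISTRY[s] for s in offered])
    print(REGISTRY[chosen], split_name(REGISTRY[chosen]))
```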
References
- [1] RFC 5246
- [2] TLS Cipher Suite Registry
- [3] RFC 5246, p. 37
- [4] RFC 5246, p. 40
- [7] RFC 5246, p. 47
- [8] RFC 5246, p. 17
- [9] RFC 5246, p. 16-17, 26
- [10] RFC 5246, p. 41
- [11] RFC 5246, p. 42-43, 64