Cipher suite

A cipher suite is a named combination of authentication, encryption, message authentication code (MAC) and key exchange algorithms used to negotiate the security settings for a network connection using the Transport Layer Security (TLS) / Secure Sockets Layer (SSL) network protocol.

The structure and use of the cipher suite concept is defined in the documents that define the protocol.^[1] A reference for named cipher suites is provided in the TLS Cipher Suite Registry.^[2]

Use[edit]

When a TLS connection is established, a handshaking, known as the TLS Handshake Protocol, occurs. Within this handshake, a client hello (ClientHello) and a server hello (ServerHello) message are passed.^[3] First, the client sends a cipher suite list, a list of the cipher suites that it supports, in order of preference. Then the server replies with the cipher suite that it has selected from the client cipher suite list.^[4] In order to test which TLS ciphers that a server supports an SSL/TLS Scanner may be used.

Detailed description[edit]

Each named cipher suite defines a key exchange algorithm, a bulk encryption algorithm, a message authentication code (MAC) algorithm, and a pseudorandom function (PRF).^[5]^[6]^[7]

The key exchange algorithm is used to determine if and how the client and server will authenticate during the handshake.^[8]
The bulk encryption algorithm is used to encrypt the message stream. It also includes the key size and the lengths of explicit and implicit initialization vectors (cryptographic nonces).^[9]
The message authentication code (MAC) algorithm is used to create the message digest, a cryptographic hash of each block of the message stream.^[10]
The pseudorandom function (PRF) is used to create the master secret, a 48-byte secret shared between the two peers in the connection. The master secret is used as a source of entropy when creating session keys, such as the one used to create the MAC.^[11]

Examples of algorithms used[edit]

key exchange/agreement: RSA, Diffie-Hellman, ECDH, SRP, PSK
authentication: RSA, DSA, ECDSA
bulk ciphers: RC4, Triple DES, AES, IDEA, DES, or Camellia. In older versions of SSL, RC2 was also used.
message authentication: for TLS, a Hash-based Message Authentication Code using MD5 or one of the SHA hash functions is used. For SSL, SHA, MD5, MD4, and MD2 are used.

Programming references[edit]

Programatically, a cipher suite is referred to as:

CipherSuite cipher_suites: a list of the cryptographic options supported by the client^[12]
CipherSuite cipher_suite: the cipher suite selected by the server and revealed in the ServerHello message^[13]

References[edit]

^ RFC 5246
^ TLS Cipher Suite Registry
^ RFC 5246, p. 37
^ RFC 5246, p. 40
^ "CipherSuites and CipherSpecs". IBM. Retrieved 20 November 2009.
^ "Cipher Suites in Schannel". Microsoft MSDN. Retrieved 20 November 2009.
^ RFC 5246, p. 40
^ RFC 5246, p. 47
^ RFC 5246, p. 17
^ RFC 5246, p. 17
^ RFC 5246, p. 16-17, 26
^ RFC 5246, p. 41
^ RFC 5246, p. 42-43, 64

[1] RFC 5246

[2] TLS Cipher Suite Registry

[3] RFC 5246, p. 37

[4] RFC 5246, p. 40

[5] "CipherSuites and CipherSpecs". IBM. Retrieved 20 November 2009.

[6] "Cipher Suites in Schannel". Microsoft MSDN. Retrieved 20 November 2009.

[7] RFC 5246, p. 40

[8] RFC 5246, p. 47

[9] RFC 5246, p. 17

[10] RFC 5246, p. 17

[11] RFC 5246, p. 16-17, 26

[12] RFC 5246, p. 41

[13] RFC 5246, p. 42-43, 64

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

Cipher suite

Contents

Use[edit]

Detailed description[edit]

Examples of algorithms used[edit]

Programming references[edit]

References[edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Interaction

Tools

Print/export

Languages