Questions tagged [ciphersuite]

A cipher suite is a set of algorithms that help secure a network connection that uses Transport Layer Security (TLS) or its now-deprecated predecessor Secure Socket Layer (SSL).

Also, it should be cipher-suite.

25 questions

18 votes, 1 answer

Why does TLS 1.3 support two CCM variants?

One of the important improvements introduced in TLS 1.3 is the pruning of the many previously available cipher suites to only five secure options (for symmetric ciphers), that are each supposed to have distinct advantages. For four of these, the…
AardvarkSoup

8 votes, 1 answer

Cipher suites: same name, different IDs, why?

Sorry if I missed with a community to ask. Recently I stumbled on a fact that the same cipher suite can be designated by two different IDs, and this is not a typo nor single occasion. For…

8 votes, 3 answers

Explanation of openssl ciphersuites

I'm looking for a detailed explanation of the ciphersuites available in openssl. openssl already offers the ciphers command which can be used to output, for example, the following: $ openssl ciphers -v "HIGH,-SHA,-AES256" DH-DSS-AES128-GCM-SHA256…
Elias

8 votes, 3 answers

What is DES-EDE3-CBC?

I came across DES-EDE3-CBC and a quick search didn't yield a clear explanation of what it is. Clearly, DES is the Data Encryption Standard and CBC is the Cipher Block Chaining mode. EDE is probably Encrypt-Decrypt-Encrypt and maybe the 3 means that…
Erwin

7 votes, 1 answer

Which TLS features are vulnerable to chosen-prefixes collision on SHA-1?

Gaëtan Leurent and Thomas Peyrin's preprint From Collisions to Chosen-Prefix Collisions - Application to Full SHA-1 (in volume 1 of proceedings of the forthcoming Eurocrypt 2019) shows a feasible chosen-prefixes collision attack on SHA-1. Given…
fgrieu

5 votes, 1 answer

DSS security in comparison to ECDSA or RSA

OpenVPN allows the users to choose the TLS cipher suite, depending on the deployed SSL/TLS library. With OpenSSL 1.0.2g and OpenVPN 2.3.11 this is a rather long list (Full list). Amongst the many options there are TLS cipher suites like the…
SaAtomic

4 votes, 2 answers

Are the following ciphersuites vulnerable? If so, what are the vulnerabilities?

The following ciphersuites were found to be weak in the Qualys (https://www.ssllabs.com/ssltest/analyze.html) tool: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH x25519 (eq. 3072 bits RSA) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH x25519…
user105523

3 votes, 2 answers

How to recognize Authenticated Encryption with Associated Data ciphersuites

I have some doubts regarding AEAD ciphersuites and I need some clarification. In the following ciphersuites…

3 votes, 1 answer

Is there an open-source test tool that operates a TLS server/client with unexpected behaviors?

I'm working in an embedded system that uses TLS v1.2 protocol for network security and it acts as a client. Now I want to test some TLS security functions that require connecting with a TLS server and see how a client interacts if the server tries…
songoku711

2 votes, 1 answer

Why don't the TLS1.3 cipher suites mention the key exchange and digital signature algorithm in names?

Does it mean both RSA and ECDSA certificates can be used with the same cipher suite?
Saptarshi Basu

2 votes, 2 answers

Picking a cipher suite for embedded system emails

I have an embedded system product that emails out event notifications periodically. I have implemented a non secured email version, but want to use SSL/TLS, if possible. Can I only use 1 cipher suite for space considerations? Or, do I have to…

1 vote, 1 answer

TLS 1.3 Ciphersuite SHA Level

As I like to make my tin-foil hat using only the finest quality metal, I was overjoyed to see that Firefox/NSS (I'm using Arch Linux) has recently added support for the P-521 ECDH group in compatibility with TLS 1.3 (albeit not part of suite B). It…
hut_rudder

1 vote, 1 answer

What does TLS_ECDHE_ECDSA_with_AES_128_CCM mean collectively? What is the signature algorithm and keys used here?

Will the signature algorithm be ECDSA and key (i) ECC key or (ii) ECDHE and ECDSA keys?

1 vote, 1 answer

Security of ciphersuite and key

Is anyone able to cite resources that can be based on choosing a cipher suite? In my case, for a VPN server (OpenVPN) I chose a set of ciphers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 It provides 128 bits of security. I have a dilemma regarding the…
Sebeusz

1 vote, 2 answers

CBC related TLS cipher suites to be disabled in the server side

I understand the TLS cipher suites using CBC mode are susceptible to timing attacks. From that understanding it seems that the cipher suites using GCM (CTR-based) are safe to use considering they don't need padding. However, in Java, SunJSSE…
Saptarshi Basu