{"id":11113,"date":"2021-05-04T13:40:15","date_gmt":"2021-05-04T13:40:15","guid":{"rendered":"http:\/\/www.max-sperling.bplaced.net\/?p=11113"},"modified":"2024-02-16T10:36:19","modified_gmt":"2024-02-16T10:36:19","slug":"cipher-suites","status":"publish","type":"post","link":"http:\/\/www.max-sperling.bplaced.net\/?p=11113","title":{"rendered":"Cipher Suites"},"content":{"rendered":"

The ciper suite to be used between the client and the server gets negotiated during the SSL\/TLS handshake. The client therefor sends a list of ciper suites it supports and the server chooses one of them or rejects them.<\/p>\n

A cipher suite gets represented by a string like that:
\n

TLS<\/span>_ECDHE<\/span>_ECDSA<\/span>_WITH_AES_128_GCM<\/span>_SHA256<\/span><\/center><\/p>\n

Protocol<\/span>
\nThe overall protocol to setup a secure communication between client and server.
\n– SSL (Secure Socket Layer)
\n– TLS (Transport Layer Security)<\/p>\n

Key Exchange<\/span>
\nThe protocol to exchange the keys (asymmetric) for an encrypted handshake.
\n– PSK (Pre-Shared Key)
\n– DH (Diffie-Hellman)
\n—– DHE (DH Ephemeral)
\n—– ECDH (Elliptic Curve DH)
\n—– ECDHE (Elliptic Curve DH Ephemeral)
\n– RSA (Rivest-Shamir-Adleman)<\/p>\n

Server Authentification<\/span>
\nThe algorithm used by the server to generate the certificate key (asymmetric).
\n– DSA (Digital Signature Algorithm)
\n—– ECDSA (Elliptic Curve DSA)
\n– RSA (Rivest-Shamir-Adleman)<\/p>\n

Block Cipher<\/span>
\nThe symmetric encryption algorithm used for the communication after the handshake.
\n– NULL
\n– DES (Data Encryption Standard)
\n– AES (Advanced Encryption Standard)
\n– ChaCha20<\/p>\n

Message Integrity<\/span>
\nThe algorithm to generate a checksum (message + symmetric key) to verify the integrity.
\n– MD5 (Message-Digest Algorithm 5)
\n– SHA (Secure Hash Algorithm)<\/p>\n","protected":false},"excerpt":{"rendered":"

The ciper suite to be used between the client and the server gets negotiated during the SSL\/TLS handshake. The client<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false},"categories":[26],"tags":[],"_links":{"self":[{"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/posts\/11113"}],"collection":[{"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11113"}],"version-history":[{"count":1,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/posts\/11113\/revisions"}],"predecessor-version":[{"id":16800,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=\/wp\/v2\/posts\/11113\/revisions\/16800"}],"wp:attachment":[{"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11113"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.max-sperling.bplaced.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}