Key suite

Others 2021-03-21 23:11:52 views: null

Cipher suite

1. Definition

Cipher Suite, cipher suite, namely cipher suite. It is a concept in the TLS/SSL network protocol. Refers to the server and client used in ssl communication 加密算法的组合.

Second, the use process

In the early stage of the ssl handshake, the client sends a list of cipher suites it supports to the server, and the server selects a suite as much as possible from it according to its own configuration as the encryption method to be used later.

Three, examples

The following is a set of cipher suites sent by the client to the server:

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256                          (0xc02f)

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384                          (0xc030)

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384                          (0xc028)

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                             (0xc014)

TLS_RSA_WITH_AES_256_GCM_SHA384                                 (0x9d)

TLS_RSA_WITH_AES_256_CBC_SHA256                                 (0x3d)

TLS_RSA_WITH_AES_256_CBC_SHA                                    (0x35)

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA                               (0x84)

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256                           (0xc027)

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                              (0xc013)

TLS_RSA_WITH_AES_128_GCM_SHA256                                 (0x9c)

TLS_RSA_WITH_AES_128_CBC_SHA256                                 (0x3c)

TLS_RSA_WITH_AES_128_CBC_SHA                                    (0x2f)

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA                               (0x41)

TLS_RSA_WITH_3DES_EDE_CBC_SHA                                   (0xa)

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA                             (0xc012)

Each entry represents a cipher suite. Take the first article as an example to interpret the content:

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256                          (0xc02f)
  • TLS: Indicates that it is based on the TLS protocol.
  • ECDHE: The Handshake phase of TLS/SSL uses ECDHE to exchange symmetric keys.
  • RSA: Authentication of TLS/SSL uses RSA to verify the signature of the certificate.
  • AES_128_GCM: Encryption of TLS/SSL uses AES in GCM, the length is 128.
  • HA256: Hasning uses SHA256, and SHA384 and SHA512 are common.
  • 0xc02f: The identifier of the encryption suite. Each encryption suite is identified by a unique number. In terms of openssl, it is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

references

https://www.trustasia.com/jmtjssl Encryption Suite

https://baike.baidu.com/item/%E5%AF%86%E7%A0%81%E5%A5%97%E4%BB%B6/22657345?fr=aladdin cipher suite

https://blog.csdn.net/hxg117/article/details/90665260 HTTPS cipher suite components

Guess you like

Origin blog.csdn.net/u013617791/article/details/105619693
Recommended
NetBSD bans submission of code generated by AI
Ranking
Talk dubbo of LRUCache
Chapter 1 Learning Summary
Introduction to Virtualization
pytorch 调用lstm
Six modules
[8086] The natural number of 1 to 36 into a 6x6 two-dimensional array of line-sequentially, and then print out the lower left half of the triangular array
mybatis mapper mapping file $ # {} {} understanding and
C language input and output buffer
c language floating-point input and output
andorid P version compatible, refer to Huawei
Daily
More
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)

Code World

© 2018 codetd.com