What are TLS Cipher Suites?
At the core of TLS are cipher suites, which are combinations of encryption algorithms that determine how encryption and authentication during data transmission are performed.
TLS Cipher Suites: Overview
A cipher suite is a combination of algorithms that secure communication during a TLS connection. Each cipher suite includes four key components: encryption algorithm, key exchange mechanism, certificate verification algorithm, and hash function. When a TLS connection is established, the client (e.g. web browser) and the server negotiate the cipher suite to be used, based on the algorithms supported by both parties.
Cipher Suites Components
Key exchange mechanism: Determines how parties exchange encryption keys. Examples of mechanisms include RSA, Diffie-Hellman (DH), and Elliptic Curve Diffie-Hellman (ECDH).
Encryption algorithm: Defines which algorithm is used for encrypting data. Common encryption algorithms include AES (Advanced Encryption Standard) and ChaCha20.
Certificate signature algorithm: Used for verifying digital signatures. Examples include RSA, ECDSA (Elliptic Curve Digital Signature Algorithm).
Hash function (Message Authentication Code, MAC): Ensures the integrity and authenticity of the message. Popular hash functions include SHA-256 and SHA-384.
Steps of TLS and the Significance of Cipher Suites
Establishing a TLS connection involves several stages where cipher suites play a key role:
Handshake
- Key exchange: At this stage, the key exchange mechanism is crucial. It enables the creation of a secret key that both parties can use to encrypt and decrypt the information during the connection.
- Server certificate verification: The client program uses the certificate verification algorithm to verify the authenticity of the server certificate. This ensures that the connection is made with the correct server.
Data Transfer
- Data encryption: When the keys have been exchanged, the selected encryption algorithm is used to encrypt the data. This ensures that the data remains confidential during transmission.
- Message integrity: The hashing function ensures that the data has not been altered during transmission. If the hash does not match, the information is considered tampered with.
Selection and Negotiation of Cipher Suites
At the beginning of the TLS connection, the client application sends a list of supported cipher suites to the server, which selects the most suitable one. The selection is based on security level, performance, and compatibility. Newer TLS versions, such as TLS 1.3, have reduced the number of supported cipher suites to improve security and simplify the negotiation process.
Examples of good and bad cipher suites
TLS cipher suites define in detail how communication is protected using TLS. Each cipher suite consists of several different components, such as key exchange mechanism, encryption algorithm, certificate authentication algorithm, and MAC algorithm (Message Authentication Code). Here are a few examples of good and bad cipher suites.
TLS_RSA_WITH_AES_128_CBC_SHA
- Key Exchange: RSA
- Encryption Algorithm: AES 128-bit CBC (Cipher Block Chaining) mode
- Verification algorithm: RSA
- Hash function: SHA-1
Evaluation: Outdated. SHA-1 and CBC mode have been proven vulnerable in certain conditions, so this cipher suite is not recommended for use.
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- Key Exchange: Ephemeral Elliptic Curve Diffie-Hellman (ECDHE)
- Encryption algorithm: AES 256-bit GCM (Galois/Counter Mode)
- Validation algorithm: RSA
- Hash function: SHA-384
Evaluation: Good. Uses strong encryption and Forward Secrecy, which enhances privacy. GCM provides both encryption and integrity protection.
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- Key Exchange: Diffie-Hellman Ephemeral (DHE)
- Encryption algorithm: AES 128-bit CBC
- Verification Algorithm: RSA
- Hash function: SHA-256
Evaluation: Moderate. Offers Forward Secrecy, but CBC mode is more vulnerable to certain attacks compared to GCM.
Summary
The best cipher suites are those that use modern encryption algorithms (such as AES-GCM, ChaCha20-Poly1305), support Forward Secrecy (ECDHE, DHE), and use strong hash functions (SHA-256, SHA-384). TLS 1.3 cipher suites typically offer the best security and performance. The use of outdated algorithms (such as CBC mode, 3DES, RSA without ECDHE) carries significant security risks.
Ready to become an ethical hacker?
Start today.
As a member of Hakatemia you get unlimited access to Hakatemia modules, exercises and tools, and you get access to the Hakatemia Discord channel where you can ask for help from both instructors and other Hakatemia members.