Cipher suite

A cipher suite is a set of algorithms that help secure a network connection. Suites typically use Transport Layer Security (TLS) or its deprecated predecessor Secure Socket Layer (SSL). The set of algorithms that cipher suites usually contain include: a key exchange algorithm, a bulk encryption algorithm, and a message authentication code (MAC) algorithm.

The key exchange algorithm is used to exchange a key between two devices. This key is used to encrypt and decrypt the messages being sent between two machines. The bulk encryption algorithm is used to encrypt the data being sent. The MAC algorithm provides data integrity checks to ensure that the data sent does not change in transit. In addition, cipher suites can include signatures and an authentication algorithm to help authenticate the server and or client.

Overall, there are hundreds of different cipher suites that contain different combinations of these algorithms. Some cipher suites offer better security than others. But with the adoption of TLS 1.3, only 5 cipher suites have been officially supported and defined.

The structure and use of the cipher suite concept are defined in the TLS standard document. TLS 1.2 is the most prevalent version of TLS. The newest version of TLS (TLS 1.3) includes additional requirements to cipher suites. Cipher suites defined for TLS 1.2 cannot be used in TLS 1.3, and vice versa, unless otherwise stated in their definition.

A reference list of named cipher suites is provided in the TLS Cipher Suite Registry.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.