A cipher suite is a combination of a key exchange algorithm, authentication method, bulk encryption cipher, and message authentication code.
In a cryptosystem like TLS, the client and server must agree on a cipher suite before they can begin communicating securely. A typical cipher suite looks like ECDHE_RSA_WITH_AES_128_GCM_SHA256 or ECDHE-RSA-AES128-GCM-SHA256, indicating:
- ECDHE (elliptic curve Diffie-Hellman ephemeral) for key exchange
- RSA for authentication
- AES-128 as the cipher, with Galois/Counter Mode (GCM) as the block cipher mode of operation
- SHA-256 as the hash-based message authentication code (HMAC)
Learn more
View Previous Terms:
- Block cipher mode of operation
- Certificate authority
- Challenge-response authentication
- Cipher
- Ciphertext
- CORS
- CORS-safelisted request header
- CORS-safelisted response header
- Cross-site scripting
- Cryptanalysis
- Cryptographic hash function
- Cryptography
- CSP
- CSRF
- Decryption
- Digital certificate
- DTLS (Datagram Transport Layer Security)
- Encryption
- Forbidden header name
- Forbidden response header name
- Hash
- HMAC
- HPKP
- HSTS
- HTTPS
- Key
- MitM
- OWASP
- Preflight request
- Public-key cryptography
- Reporting directive
- Robots.txt
- Same-origin policy
- Session Hijacking
- SQL Injection
- Symmetric-key cryptography
- TOFU
- Transport Layer Security (TLS)
Credits
- Source: https://developer.mozilla.org/en-US/docs/Glossary/Cipher_suite
- Published under Open CC Attribution ShareAlike 3.0 license