NicSRS
US - English

Blog > What Are Cipher Suites and Why Are They Used? A Beginner's Guide

What Are Cipher Suites and Why Are They Used? A Beginner's Guide

Tag:

cipher suite

algorithm

SSL handshake

1718:0

AndreaJanuary 10 2023

The SSL/TLS secure connection is largely achieved and guaranteed through cipher suites. Now you may ask: What are cipher suites exactly? This article is here to help. In this article, we will introduce what cipher suites are, what they are used for, how they are selected and why they are important.

Cipher suites typically use Transport Layer Security (TLS). Many people are still referring to TLS as SSL. The SSL protocol is in fact deprecated and considered not secure anymore. Nevertheless, the term remains and is still widely used. Today, in fact, what we use is the TLS protocol. And before we go further, it's necessary to explain the concept of the SSL/TLS handshake briefly. For the server and the browser to establish a secure connection, the first thing that takes place is the SSL/TLS handshake process. During the process, the server would send its SSL certificate to the browser for identity verification. And the two parties will need to select a mutually supported cipher suite to both encrypt and authenticate the data transmitted. The cipher suite is at the core of achieving secure communication and creating difficulties for cybercriminals.

What Are Cipher Suites?

A cipher suite is a set of cryptographic algorithms that plays an indispensable role in implementing data integrity and confidentiality in the SSL/TLS-secured connection. Depending on the version of the TLS protocol used, the cipher suites available can vary. While TLS 1.2 has 37 combinations of cipher suites, TLS 1.3 has reduced this number to 5. We'll take a closer look at the cipher suites for TLS 1.2 protocol first.
In TLS 1.2, there are four algorithms that make up a cipher suite.

Key exchange algorithm: how symmetric keys are exchanged between the server and the browser.
Digital signature algorithm/authentication algorithm: how the server and the browser are authenticated
Bulk encryption algorithm: used to encrypt the data
Hashing algorithm/Message authentication code (MAC) algorithm: how to determine data integrity

These complex algorithms work together to comprise a cipher suite. We will get into each of these four algorithms later.

When Are Cipher Suites Needed?

When you (the client) use a browser to view a website (the server), a secure connection has to be established to ensure a safe and private data communication. The process of achieving this basically includes identity authentication and the cryptographic algorithms that can be used for encryption and decryption. Therefore, the server and the browser need to agree on a set of algorithms, i.e. the cipher suites, in order for both parties to establish a secure connection. Obviously, different servers and browsers have wildly different capabilities. As a result, there can be many different choices of cipher suites. If the two sides cannot find a mutually supported cipher suite, it will result in a "handshake failed error".

Ciphers are essentially mathematical functions. We won't dive too deep into how they do what they do, but hopefully by the end of this article you'll understand the basics and why they are there.

Key Exchange Algorithm

 

Before any data can be transmitted securely between the server and the browser, the key exchange must be completed. The key exchange algorithm determines the parameters for generating a shared key that will be used to both encrypt and decrypt the data. Question is, this key cannot just be sent through unprotected methods. It's understandable right? If anyone can get the key easily, the data transmitted are basically visible to all. Therefore, the key exchange algorithm is designed to encrypt the KEY transferred. This happens during the handshake process. The browser or the client requests a connection and sends a list of supported cipher suites to the server, and then the server will compare the list with its own and select one cipher suite for use. After this is done, the two sides will start the key exchange. Some of the representative key exchange algorithms include ECDHE, RSA, DH and ECDH. With TLS 1.2, it's very common to see RSA used in the key exchange stage. But TLS 1.3 has discarded RSA key exchange due to its known vulnerabilities.

Authentication Algorithm/Digital Signature Algorithm

This algorithm determines how the server authentication and client authentication will be implemented. During the handshake process, the server sends its SSL certificate to the browser. The browser will then verify the signature of the certificate using the authentication algorithm they have agreed upon. When the server requires to verify the client, the common methods to implement authentication include password authentication and digital certificate authentication. However, client certificates are rarely used because they have to be installed and are way too technical for most users. It will only be carried out if the server is configured to ask for a client certificate. And just like a server certificate, the client certificate also has a digital signature signed by a trusted CA.
The most common authentication algorithms employed include DSA, RSA and ECDSA. And yes, RSA can function as a key exchange algorithm and as an authentication algorithm too.

Bulk Encryption Algorithm

A bulk cipher is the actual encryption method. There are two kinds of bulk encryption ciphers that are generally used: Block cipher and stream cipher.
As the name suggests, block cipher encrypts data in blocks. The recipient, upon receiving the data, decrypts the blocks and pieces the data back together. Whereas the stream cipher encrypts data in long pseudorandom streams.
AES, the acronym for advanced encryption standard, is originally a blocker cipher but can run as a stream cipher in counter mode. Both TLS 1.2 and TLS 1.3 use AES as their standard bulk encryption method. CHACHA20_POLY1305 is a stream cipher and relatively new in the cipher family. In practice, CHACHA is much faster than AES and easy to implement with excellent performance.

Message Authentication Code (MAC) Algorithm/Hashing Algorithm

This algorithm is used to facilitate data integrity and authentication. The process is to take a text or a file of any length, run it through the function chosen, and produce a string of incomprehensible characters of fixed bit length. In a word, the algorithm makes the original text unreadable without the correct key. The result is called a hash or hash value. No two texts can be used to produce the same hash. Thus, with this algorithm, the recipient will know whether a message has been tampered with or not by comparing the hashing value with the original hash. Nowadays the most widely used hashing algorithm is SHA among which SHA-2 family has been considered very secure and strong so far.

Now we've explained the four components of a cipher suite. Let's take a look at what a TLS 1.2 cipher suite may look like:

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

 

In this example, the TLS indicates the protocol used, ECDHE is the key exchange algorithm, ECDSA refers to the digital signature algorithm, AES_128_CBC the bulk encryption algorithm, and SHA_256 the hashing algorithm/message authentication code algorithm.

 

What's Changed in TLS 1.3?

 

In TLS 1.3 protocol, there are only two algorithms: The bulk encryption algorithm and the message authentication code (MAC) algorithm. TLS 1.3 has officially eliminated key exchange algorithm and digital signature algorithm. Also, it removed block mode ciphers from the bulk encryption algorithm. In comparison to TLS 1.2, TLS 1.3 has simplified the handshake process by reducing the number of negotiations in the handshake and the number of algorithms. The following is an example of a TLS 1.3 cipher suite.

TLS_AES_256_GCM_SHA384

 

Again, the TLS indicates what the cipher suite is used for, AES_256_GCM refers to the bulk encryption algorithm, and SHA384 is the hashing algorithm used.

As we mentioned before, TLS 1.3 has only 5 cipher suites, while TLS 1.2 has 37. OK, this is not "the more the merrier" scenario. After all, not all of these algorithms are considered secure enough. TLS 1.3 is considered stronger because it no longer supports ciphers and algorithms that have known flaws and vulnerabilities. That said, the TLS 1.2 protocol is still the most commonly used for the time being, but more and more servers are transferring to TLS 1.3.

The five cipher suites supported in TLS 1.3:
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_GCM_SHA256
TLS_AES_128_CCM_SHA256
TLS_AES_128_CCM_8_SHA256

 

 

Summary

A cipher suite is a set of algorithms selected and employed by the server and the browser to facilitate authentication and secure communication. Each algorithm plays their own role in implementing encryption. Different cipher suites have different security levels, and some of them are less strong than others. Although TLS 1.3 only supports 5 cipher suites, it's in fact more secure and quicker than TLS 1.2. The latter is still very popular since it supports as many as 37 cipher suites and thus makes it more compatible. In the future, TLS 1.2 will eventually be replaced by TLS 1.3 as a result of security levels and performance consideration.

 

 

Comments