TLS Building Blocks: Cipher Suites
What are TLS Cipher Suites?
At the core of TLS are cipher suites: combinations of cryptographic algorithms that determine how encryption and authentication are performed during data transmission.
TLS Cipher Suites: Overview
A cipher suite is a combination of algorithms that secure communication during a TLS connection. Each cipher suite includes four key components: encryption algorithm, key exchange mechanism, certificate verification algorithm, and hash function. When a TLS connection is established, the client (e.g. web browser) and the server negotiate the cipher suite to be used, based on the algorithms supported by both parties.
Cipher Suites Components
Key exchange mechanism: Determines how parties exchange encryption keys. Examples of mechanisms include RSA, Diffie-Hellman (DH), and Elliptic Curve Diffie-Hellman (ECDH).
Encryption algorithm: Defines which algorithm is used for encrypting data. Common encryption algorithms include AES (Advanced Encryption Standard) and ChaCha20.
Certificate signature algorithm: Used for verifying digital signatures. Examples include RSA, ECDSA (Elliptic Curve Digital Signature Algorithm).
Hash function (Message Authentication Code, MAC): Ensures the integrity and authenticity of the message. Popular hash functions include SHA-256 and SHA-384.
Steps of TLS and the Significance of Cipher Suites
Establishing a TLS connection involves several stages where cipher suites play a key role:
Handshake
- Key exchange: At this stage, the key exchange mechanism is crucial. It enables the creation of a secret key that both parties can use to encrypt and decrypt the information during the connection.
- Server certificate verification: The client program uses the certificate verification algorithm to verify the authenticity of the server certificate. This ensures that the connection is made with the correct server.
Data Transfer
- Data encryption: When the keys have been exchanged, the selected encryption algorithm is used to encrypt the data. This ensures that the data remains confidential during transmission.
- Message integrity: The hash function ensures that the data has not been altered during transmission. If the hash does not match, the data is treated as tampered with.
Selection and Negotiation of Cipher Suites
At the beginning of the TLS connection, the client application sends a list of supported cipher suites to the server, which selects the most suitable one. The selection is based on security level, performance, and compatibility. Newer TLS versions, such as TLS 1.3, have reduced the number of supported cipher suites to improve security and simplify the negotiation process.
Examples of good and bad cipher suites
A cipher suite's name spells out how the connection is protected: the key exchange mechanism, the encryption algorithm, the certificate verification algorithm, and the MAC (Message Authentication Code) algorithm. Here are a few examples of good and bad cipher suites.
TLS_RSA_WITH_AES_128_CBC_SHA
- Key Exchange: RSA
- Encryption algorithm: AES 128-bit CBC (Cipher Block Chaining) mode
- Verification algorithm: RSA
- Hash function: SHA-1
Evaluation: Outdated. SHA-1 and CBC mode have been proven vulnerable in certain conditions, so this cipher suite is not recommended for use.
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- Key Exchange: Ephemeral Elliptic Curve Diffie-Hellman (ECDHE)
- Encryption algorithm: AES 256-bit GCM (Galois/Counter Mode)
- Verification algorithm: RSA
- Hash function: SHA-384
Evaluation: Good. Uses strong encryption and Forward Secrecy, which enhances privacy. GCM provides both encryption and integrity protection.
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- Key Exchange: Diffie-Hellman Ephemeral (DHE)
- Encryption algorithm: AES 128-bit CBC
- Verification algorithm: RSA
- Hash function: SHA-256
Evaluation: Moderate. Offers Forward Secrecy, but CBC mode is more vulnerable to certain attacks compared to GCM.
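The breakdowns above can be automated when reviewing a server's configured suite list. The following Python sketch is an added example, not part of the original article: it splits a TLS 1.2-style suite name into the four components and flags the weaknesses named in the evaluations. The function names and the rating rule (SHA-1 means outdated, any other finding means moderate) are assumptions chosen to reproduce the three verdicts above.

```python
FORWARD_SECRET = ("ECDHE", "DHE")  # ephemeral key exchanges

def parse_suite(name):
    """Split a TLS 1.2-style suite name into its four components."""
    if not name.startswith("TLS_") or "_WITH_" not in name:
        # TLS 1.3 names such as TLS_AES_128_GCM_SHA256 name only the cipher
        # and hash, so they do not fit this layout.
        raise ValueError(f"not a TLS 1.2-style suite name: {name!r}")
    left, right = name[len("TLS_"):].split("_WITH_", 1)
    kx, _, auth = left.partition("_")
    cipher, _, digest = right.rpartition("_")
    if not (kx and cipher and digest):
        raise ValueError(f"incomplete suite name: {name!r}")
    return {
        "key_exchange": kx,
        "verification": auth or kx,  # TLS_RSA_WITH_...: RSA fills both roles
        "cipher": cipher,
        "hash": "SHA-1" if digest == "SHA" else digest,  # bare SHA is SHA-1
    }

def evaluate(name):
    """Return (rating, findings); the rating rule is an assumption."""
    suite = parse_suite(name)
    findings = []
    if suite["key_exchange"] not in FORWARD_SECRET:
        findings.append("no forward secrecy")
    if suite["cipher"].endswith("_CBC"):
        findings.append("CBC mode")
    if suite["hash"] == "SHA-1":
        findings.append("SHA-1")
    if "SHA-1" in findings:
        return "outdated", findings
    return ("moderate" if findings else "good"), findings

# The three suites discussed above, used as sample input.
SAMPLE = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
]

if __name__ == "__main__":
    for suite_name in SAMPLE:
        rating, findings = evaluate(suite_name)
        print(f"{suite_name}: {rating} ({', '.join(findings) or 'no findings'})")
```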