An SSL cipher, or an SSL cipher suite, is a set of algorithms or a set of instructions/steps that helps to establish a secure connection between two entities.
SSL cipher suites determine the method through which a secure connection will take place between both entities.
This communication could be taking place through HTTPS, FTPS, SMTP, or other network protocols.
Table of Contents
Understanding SSL Cipher Suite
To negotiate secure communication, the client and the server need to come to terms with four crucial elements:
Get Your Free Linux training!
Join our free Linux training and discover the power of open-source technology. Enhance your skills and boost your career! Learn Linux for Free!- Key exchange algorithm
- Bulk encryption algorithm
- Data encryption algorithm
- Hash function
This is an example of a cipher suite:
DHE_RSA_AES256_SHA256
- DHE: The first part is the key exchange algorithm.
- RSA: The second section is the authentication algorithm.
- AES256: The third section is the type of encryption algorithm used.
- SHA256: The fourth component is the type of hashing algorithm used.
List of Recommended TLS 1.3 Cipher Suites
TLS 1.3, an upgraded version of TLS 1.2, brings a host of changes, including changes to the list of cipher suites. One of the most significant downsides of TLS 1.2 was the time it took to process the SSL/TLS handshake.
The biggest culprit behind this was the RSA algorithm, which uses large cryptographic keys to encrypt and decrypt the data. This resulted in increased computational overhead and latency.
The SSL cipher suite list has reduced dramatically from TLS 1.2 to TLS 1.3. Now, there are just five SSL cipher suites that are recommended:
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_AES_128_CCM_8_SHA256
- TLS_AES_128_CCM_SHA256
understanding TLS 1.3 Cipher Suites
Although TLS 1.3 uses the same cipher suite space as previous versions of TLS, TLS 1.3 cipher suites are defined differently, only specifying the symmetric ciphers, and cannot be used for TLS 1.2. Similarly, TLS 1.2 and lower cipher suites cannot be used with TLS 1.3 (IETF TLS 1.3 draft 21).
- There are 5 TLS v1.3 ciphers and 37 recommended TLS v1.2 ciphers.
- TLS v1.3 has deprecated the RSA key exchange and all other static key exchange mechanisms.
- TLS v1.3 has a new bulk cipher, AEAD or Authenticated Encryption with Associated Data algorithm. The AEAD Cipher can encrypt and authenticate the communication.
- TLS v1.3 cipher suites are more compact than TLS v1.2 cipher suites.
List of Approved TLS 1.2 Ciphers
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
Check supported Cipher Suites in Linux with openssl command
The below commands can be used to list the ciphers:
# openssl ciphers -help
usage: ciphers args
-v – verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL
-V – even more verbose
-ssl3 – SSL3 mode
-tls1 – TLS1 mode
# openssl ciphers -v
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
…..
Check Cipher Suites from Application server with openssl command
The following command will display all the cipher suites the application server supports.
It is very helpful to check which cipher suite the remote server provides. but it doesn’t work with TLS1.3.
nmap --script ssl-enum-ciphers -p 5432 localhost
# nmap –script ssl-enum-ciphers -p 5432 localhost
Starting Nmap 7.70 ( https://nmap.org ) at 2022-03-03 03:04 GMT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000057s latency).
Other addresses for localhost (not scanned): ::1
PORT STATE SERVICE
5432/tcp open postgresql
| ssl-enum-ciphers:
| TLSv1.2:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) – A
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) – A
| TLS_DHE_RSA_WITH_AES_256_CCM (dh 2048) – A
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) – A
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 2048) – A
| TLS_DHE_RSA_WITH_AES_128_CCM (dh 2048) – A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) – A
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) – A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) – A
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) – A
For TLS1.3, we can use openssl command to check each cipher suite.
- openssl s_client -connect localhost:5432 -tls1_3 -ciphersuites TLS_AES_128_GCM_SHA256 -starttls postgres
- openssl s_client -connect localhost:5432 -tls1_3 -ciphersuites TLS_AES_128_CCM_SHA256 -starttls postgres
SSL vs TLS
Protocol Version | Usage Recommendation |
---|---|
SSL v2 |
Do not use. Has serious security vulnerabilities.
|
SSL v3 |
Do not use. Has serious security vulnerabilities.
|
TLS 1.0 |
Use for interoperability purposes where needed. Has known issues that cannot be mitigated in a way that guarantees interoperability, and thus mitigations are not enabled by default. Does not support modern cipher suites.
|
TLS 1.1 |
Use for interoperability purposes where needed. Has no known issues but relies on protocol fixes that are included in all the
TLS implementations in Red Hat Enterprise Linux. Does not support modern cipher suites. |
TLS 1.2 |
Recommended version. Supports the modern
AEAD cipher suites. |
Summary
Cipher suites are an integral part to the TLS Handshake, telling the client and server how to encrypt their information for the other to understand.
The TLS Handshake, which connects a client and server in a secure connection, is used every day to connect to websites, so ensuring it is the most secure it can be is extremely important.
Cipher suites are just one way to ensure safe and trusted connections. Code signing, proper certificate management, and secure SSH keys are all other secure connection methods that must also be implemented properly, to ensure the most secure connection to servers.
Related:
- Exploring SSL Certificate Chain with Examples
- Understanding X509 Certificate with Openssl Command
- OpenSSL Command to Generate View Check Certificate
- Converting CER CRT DER PEM PFX Certificate with Openssl
- SSL vs TLS and how to check TLS version in Linux
- Understanding SSH Key RSA DSA ECDSA ED25519
- Understanding server certificates with Examples