Jump to content

Talk:Cipher suite

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

named cipher suites

[edit]

The article incorrectly states "A reference for named cipher suites is provided in RFC 2434, the TLS Cipher Suite Registry."

The RFC given is the procedure for submissions. Lists of named cipher suites and reserved hex names are listed in the RFC for the TLS protocol (e.g. Appendix 5, RFC 4346 - TLS 1.1). Stephen Charles Thompson (talk) 21:16, 26 April 2010 (UTC)[reply]

Aes_128_gcm Hoangcuong95 (talk) 15:34, 8 February 2018 (UTC)[reply]

Chacha20_roly1305 Hoangcuong95 (talk) 15:39, 8 February 2018 (UTC)[reply]

Block cipher list

[edit]

The TLS 1.0 - 1.2 section references block ciphers and specifically calls out RC4. However, RC4 is a stream cipher. Should this be updated? Timmattison (talk) 17:05, 24 February 2017 (UTC)[reply]

Vulnerabilities

[edit]

The Vulnerabilities section states "If the version of encryption or authentication algorithm in a cipher suite have known vulnerabilities the cipher suite and TLS connection is then vulnerable." This is not accurate. A cipher suite may use a particular cipher that has a known vulnerability but that vulnerability may not apply within the context of how it is used in the suite. For example, collision attacks may apply to certain hash functions when an attacker controls part of the plaintext however the attacks may not apply in other scenarios (like in an HMAC construction). See https://wiki.riteme.site/wiki/Collision_attack#Attack_scenarios for details. 149.117.75.12 (talk) 00:15, 6 August 2021 (UTC)[reply]

OK, I guess that's possible. I changed is to may. ~Kvng (talk) 16:37, 12 August 2021 (UTC)[reply]