Talk:Cipher suite
This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||||||||||||||||||||
|
named cipher suites
[edit]The article incorrectly states "A reference for named cipher suites is provided in RFC 2434, the TLS Cipher Suite Registry."
The RFC given is the procedure for submissions. Lists of named cipher suites and reserved hex names are listed in the RFC for the TLS protocol (e.g. Appendix 5, RFC 4346 - TLS 1.1). Stephen Charles Thompson (talk) 21:16, 26 April 2010 (UTC)
Aes_128_gcm Hoangcuong95 (talk) 15:34, 8 February 2018 (UTC)
Chacha20_roly1305 Hoangcuong95 (talk) 15:39, 8 February 2018 (UTC)
Block cipher list
[edit]The TLS 1.0 - 1.2 section references block ciphers and specifically calls out RC4. However, RC4 is a stream cipher. Should this be updated? Timmattison (talk) 17:05, 24 February 2017 (UTC)
Vulnerabilities
[edit]The Vulnerabilities section states "If the version of encryption or authentication algorithm in a cipher suite have known vulnerabilities the cipher suite and TLS connection is then vulnerable." This is not accurate. A cipher suite may use a particular cipher that has a known vulnerability but that vulnerability may not apply within the context of how it is used in the suite. For example, collision attacks may apply to certain hash functions when an attacker controls part of the plaintext however the attacks may not apply in other scenarios (like in an HMAC construction). See https://wiki.riteme.site/wiki/Collision_attack#Attack_scenarios for details. 149.117.75.12 (talk) 00:15, 6 August 2021 (UTC)
- OK, I guess that's possible. I changed is to may. ~Kvng (talk) 16:37, 12 August 2021 (UTC)
- C-Class Computing articles
- Mid-importance Computing articles
- C-Class Computer networking articles
- High-importance Computer networking articles
- C-Class Computer networking articles of High-importance
- All Computer networking articles
- C-Class Computer Security articles
- Top-importance Computer Security articles
- C-Class Computer Security articles of Top-importance
- All Computer Security articles
- All Computing articles
- C-Class Internet articles
- Mid-importance Internet articles
- WikiProject Internet articles
- C-Class Cryptography articles
- Top-importance Cryptography articles
- C-Class Computer science articles
- Mid-importance Computer science articles
- WikiProject Computer science articles
- WikiProject Cryptography articles