SSL Cipher Suites – Basics and Use Cases

When a message is sent across a connection, normally a TLS/SSL connection is used to encrypt the data in the message. To create this connection, a TLS Handshake occurs. Inside of that Handshake, the client and server exchange available cipher suites to ensure they use the same ciphers during the TLS Handshake.

A cipher suite provides instructions on how to secure the TLS/SSL connection by providing information on which ciphers are used by the client or server to create keys, authenticate users, etc. Cipher suites must be traded between the client and server to ensure the ciphers used in the TLS Handshake match and the client and server can understand each other.

How does a TLS handshake work?

A TLS Handshake is the process undertaken between a client and server to create a secure connection and encrypt the data sent through that connection. A TLS Handshake contains the following steps:

1. Client Hello

   The client hello stage involves the client sending a request to the server to communicate. The TLS version, cipher suites supported, and a string of random bytes known as the “client random” are included in the hello.

2. Server Hello

   In the server hello, the server acknowledges the client hello and ensures it is using a TLS version that is compatible with the client TLS version. The server also selects a compatible cipher suite from the ones offered by the client, and sends its certificate, the server random (similar to the client random), and the public key to the client.

3. Certificate Validation

   The validity of the server’s certificate is then checked by the client through the certificate authority. The certificate authority, or CA, is a highly trusted entity given the responsibility of signing and generating digital certificates.

4. Pre-Master String

   In this stage, the client encrypts a random string of bytes, called the “Pre-Master String”, with the server’s public key and sends it back to the server. This ensures that only the server can decrypt the key with its own private key, which adds an extra layer of security to the process.

5. Session Key Creation

   The server then decrypts the pre-master key, and both the client and server create session keys from the client random, the server random, and the premaster string.

6. Finished Messaging

   Finally, the client and server send each other messages saying they have finished creating their keys, and they compare keys with each other. If the session keys match, the TLS Handshake is completed, and the session keys are used to encrypt and decrypt any data sent between the server and client.

Now that we understand how a TLS Handshake works, we can focus on cipher suites in a TLS Handshake specifically.

Cipher Suites

Cipher suites contain four different components:

1. Key Exchange Algorithm

   The information exchange process requires a secure connection to send unencrypted data, or a key shared between the client and server. This key will be used by the client to encrypt data and the server to decrypt that data. Since one key is used for both encryption and decryption, symmetric encryption is being used. To share that key, an algorithm, called the key exchange algorithm, was created to encrypt the symmetric encryption key in transfer. This ensures the integrity of the data as well as the security of the symmetric encrypting key.

   The key exchange algorithm is an encryption algorithm shared between client and server so each side of the connection can decrypt and use the symmetric encryption key. RSA, DH, ECDH and ECDHE are all examples of key exchange algorithms.

2. Authentication Algorithm

   This algorithm is a way of ensuring the identity of the sender. Usually a password and username are used in the process of authenticating the client. The most common authentication algorithms are RSA, DSA and ECDSA.

3. Bulk Data Encryption Algorithm

   The bulk data encryption algorithm is the algorithm used to encrypt the central data of the message. As the main part of the message is what attackers are attempting to steal or modify, the algorithm used here should be extremely secure. AES, 3DES and CAMELLA are the most common bulk data encryption algorithms used by cipher suites.

4. Message Authentication Code (MAC) Algorithm

   The MAC is a section of information sent along to authenticate the client. The MAC algorithm is the algorithm used to encrypt the MAC. The server compares the MAC received and the MAC they calculate to ensure they match. Normally a Cyclic Redundancy Check algorithm, or CRC, is used with a MAC to check for damaged portions of the message, but a CRC cannot protect against intentional changes to the MAC.

   If an attacker obtains the message, changes the MAC, and calculates a new checksum, then the server will never know that the MAC was changed. SHA and MD5 are the most commonly used MAC algorithms.

An example of a version 1.2 cipher suite naming is TLS_DHE_RSA_AES256_SHA256. The first portion, TLS, specifies what the cipher suite is used for. TLS is the most common reason used for cipher suites. The second algorithm name, DHE, is the key exchange algorithm used. RSA is the authentication algorithm, AES256 is the bulk data encryption algorithm, and SHA256 is the MAC algorithm.

Version 1.2 cipher suite names are short, but other cipher suite versions support different algorithms and are even shorter. The most widely used cipher suite version is version 1.2, even though version 1.3 already exists. The reason for using an older version over a newer version is the amount of options offered by each version. Version 1.2 cipher suites offer 37 ciphers and contain 4 ciphers, not including the reason the cipher suite is being used.

Version 1.3, on the other hand, only offers 5 ciphers and includes 2 algorithms in its naming. Version 1.2 also offers more secure algorithms compared to 1.3. The naming of the cipher suite, and the amount of ciphers offered in a cipher suite in version 1.3 shorten the TLS Handshake significantly, however. Version 1.3 naming looks like this: TLS_ AES_256_GCM_SHA384. The fewer ciphers used, and the shorter the name, the faster the TLS Handshake.

Conclusion

Cipher suites are an integral part to the TLS Handshake, telling the client and server how to encrypt their information for the other to understand. The TLS Handshake, which connects a client and server in a secure connection, is used every day to connect to websites, so ensuring it is the most secure it can be is extremely important. Cipher suites are just one way to ensure safe and trusted connections. Code signing, proper certificate management, and secure SSH keys are all other secure connection methods that must also be implemented properly, to ensure the most secure connection to servers.