Cipher Suites Explained!
Ciphers! What comes to our mind when we first hear ciphers? In simple terms, a secret way of writing a code.
We all know ciphers have existed for thousand of years and if I can put it in simple terms, they are set of instructions used for encrypting or decrypting a message. When using a cipher the original information is known as plain text and the encrypted informaton is known as cipher text.
In modern technology ciphers play an important role. They maintain both security and privacy in technologies involving communications like mobiles, internet,ATM’s, digital tv etc.
Cipher suite is a set of cryptographic algorithms that helps determine how your web server will communicate data over HTTPS and also determine how secure, compatible and fast your HTTPS website is.
To simplify further, website uses cipher suites to determine-
- How secure it is
- Who can see it
- How it is displayed in the browser
- How fast user can see the website
Why are cipher suites important?
- Security
- Compatibility
- Performance
Cipher suites are named combinations of-
- Key exchange algorithm — It is used to exchange key between two devices and can be named as ( RSA, DH, ECDH,ECDHE,PSK)
- Authentication/ Digital signature algorithm — It is used to determine if and how the client and server will authenticate during a handshake and can be named as (RSA, ECDSA,DSA)
- Bulk encryption algorithm — It is used to encrypt data being sent and can be named as (AES, CHACHA20,ARIA,amellia)
- Message authentication code (MAC) algorithm — It provide data integrity checks to ensure that the data does not change in transit and can be named as (SHA256, POLY1305)
Referring above a cipher suite can look like-
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256