ASecuritySite.com

What’s a Cipher Suite in TLS?

--

Like it or not, our online privacy and trust are highly dependent on one little protocol: TLS (Transport Layer Security). TLS evolved from SSL (Secure Sockets Layer) and is now at version 1.3.

With TLS, we interrupt the network stack and insert it between the transport layer and the session layer. This creates an encryption tunnel between Bob and Alice, in which all of the data above the transport layer is encrypted. Initially, Bob and Alice determine the symmetric key that the data will be encrypted with; how they do this is defined by the key exchange method (kex). The data is then encrypted with a defined symmetric cipher (enc). The authentication of Alice to Bob is achieved with an authentication method (au), and each of the encrypted packets is then authenticated with a hash-based MAC method (mac).

Bob and Alice thus negotiate a kex, an au, an enc and a mac. For this, Bob (the client) sends the methods he is willing to use to Alice in a Client Hello, Alice picks one of them, and the cipher suite is agreed. The format of a cipher suite name is something like:

ECDHE-ECDSA-AES256-SHA
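Read left to right, that name gives kex=ECDHE, au=ECDSA, enc=AES256 (AES-256 in CBC mode) and mac=SHA (HMAC-SHA1). The following is an added example, not code from the article: it splits OpenSSL-style TLS 1.2 suite names into those four components and lists what a defender reviewing a server's configuration would flag (no forward secrecy, anonymous exchange, weak or non-AEAD cipher, SHA-1 MAC). The token sets and the RSA default for omitted kex/au follow OpenSSL's naming, and the `assess` rules are this example's own.

```python
# Added example, not code from the article: split an OpenSSL-style cipher
# suite name into the four negotiated components the article describes
# (kex, au, enc, mac) and list the properties a defender would check.

KEX = {"ECDHE", "DHE", "ECDH", "DH", "RSA", "PSK", "AECDH", "ADH"}
AU = {"ECDSA", "RSA", "DSS", "PSK"}
HASHES = {"MD5", "SHA", "SHA256", "SHA384"}
ANON = {"AECDH", "ADH"}                       # anonymous DH: nobody is authenticated
EPHEMERAL = {"ECDHE", "DHE", "AECDH", "ADH"}  # fresh key per session (forward secrecy)

def parse_suite(name):
    """Return {'kex','au','enc','mac'} for a TLS 1.2-style OpenSSL suite name."""
    if "_" in name:
        raise ValueError("IANA/TLS 1.3 names (TLS_...) are not handled here")
    parts = name.strip().split("-")
    # The last token is the HMAC hash for CBC suites, or the PRF hash for GCM
    # suites; CHACHA20-POLY1305 names carry no hash token at all.
    mac = parts.pop() if parts[-1] in HASHES else "AEAD"
    if not parts:
        raise ValueError(f"not a cipher suite name: {name!r}")
    # OpenSSL omits kex and au when both are plain RSA, e.g. AES256-SHA.
    kex = parts.pop(0) if parts[0] in KEX else "RSA"
    if parts and parts[0] in AU:
        au = parts.pop(0)
    else:
        au = "NONE" if kex in ANON else ("PSK" if kex == "PSK" else "RSA")
    if not parts:
        raise ValueError(f"no bulk cipher in {name!r}")
    return {"kex": kex, "au": au, "enc": "-".join(parts), "mac": mac}

def assess(name):
    """Return a list of findings for the suite (empty means nothing to flag)."""
    s = parse_suite(name)
    findings = []
    if s["kex"] not in EPHEMERAL:
        findings.append(f"no forward secrecy: static key exchange {s['kex']}")
    if s["au"] == "NONE":
        findings.append("anonymous key exchange: server is not authenticated")
    if s["enc"].startswith(("NULL", "RC4", "DES", "RC2", "EXP")):
        findings.append(f"weak or null cipher: {s['enc']}")
    if not any(t in s["enc"] for t in ("GCM", "CCM", "CHACHA20")):
        findings.append(f"non-AEAD cipher {s['enc']} with HMAC-{s['mac']}")
    if s["mac"] == "SHA":
        findings.append("HMAC-SHA1 record MAC")
    return findings

if __name__ == "__main__":
    for suite in ("ECDHE-ECDSA-AES256-SHA", "AES128-SHA",
                  "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-CHACHA20-POLY1305"):
        print(suite, parse_suite(suite), assess(suite) or "OK")
```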

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice