3.3.1 Encryption Algorithms Used in the Record Layer
Confidentiality in the record layer is achieved by using symmetric
block encryption algorithms like 3DES, AES(8), or stream algorithms like
ARCFOUR_128(9). Ciphers are encryption algorithms that use a single secret
key to encrypt and decrypt data. Block algorithms in TLS also provide
protection against statistical analysis of the data. Thus, if you're
using the TLS protocol, a random number of blocks will be
appended to the data, to prevent eavesdroppers from guessing the actual
data size.
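The length hiding described above, as an added example that is not GnuTLS code: it follows the TLS 1.0 CBC record layout, where every padding byte and the trailing length byte hold the padding length (at most 255). The function names and the sample record are hypothetical, and the number of extra blocks is passed in rather than drawn at random so the result is reproducible.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: append TLS 1.0 CBC padding to buf[0..data_len), where
 * data_len covers plaintext plus MAC. extra_blocks is the number of additional
 * whole blocks the sender chose at random. Returns the padded length, or 0. */
size_t tls_cbc_pad(unsigned char *buf, size_t buf_size, size_t data_len,
                   size_t block_size, size_t extra_blocks)
{
    if (block_size == 0 || extra_blocks > 255)
        return 0;
    /* Smallest padding that makes data + padding + length byte a block multiple. */
    size_t pad_len = block_size - 1 - (data_len % block_size);
    pad_len += extra_blocks * block_size;
    if (pad_len > 255 || data_len + pad_len + 1 > buf_size)
        return 0;               /* padding length must fit in one byte */
    /* Every padding byte, and the trailing length byte, holds pad_len. */
    memset(buf + data_len, (int)pad_len, pad_len + 1);
    return data_len + pad_len + 1;
}

/* Hypothetical helper: validate the padding of a decrypted record and return
 * the length of plaintext plus MAC, or -1. Not constant time; a real
 * implementation must not let padding and MAC failures be told apart. */
long tls_cbc_unpad(const unsigned char *buf, size_t len, size_t block_size)
{
    if (block_size == 0 || len == 0 || len % block_size != 0)
        return -1;
    size_t pad_len = buf[len - 1];
    if (pad_len + 1 > len)
        return -1;
    for (size_t i = len - 1 - pad_len; i < len; i++)
        if (buf[i] != pad_len)
            return -1;
    return (long)(len - pad_len - 1);
}

int main(void)
{
    unsigned char rec[512];
    /* Constructed sample: 5 bytes of data + 20-byte SHA MAC, 8-byte 3DES block. */
    for (size_t extra = 0; extra < 4; extra++) {
        memset(rec, 0x41, 25);
        size_t n = tls_cbc_pad(rec, sizeof rec, 25, 8, extra);
        printf("extra=%zu record=%zu recovered=%ld\n",
               extra, n, tls_cbc_unpad(rec, n, 8));
    }
    return 0;
}
```

The same 25 bytes produce records of 32, 40, 48 and 56 bytes, so the ciphertext length only bounds the data size from above.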
Supported cipher algorithms:
- 3DES_CBC: 3DES_CBC is the DES block cipher algorithm used with triple encryption (EDE). It has a 64-bit block size and is used in CBC mode.
- ARCFOUR_128: ARCFOUR is a fast stream cipher.
- ARCFOUR_40: This is the ARCFOUR cipher that is fed with a 40-bit key, which is considered weak.
- AES_CBC: AES or RIJNDAEL is the block cipher algorithm that replaces the old DES algorithm. It has a 128-bit block size and is used in CBC mode. This is not officially supported in TLS.
Supported MAC algorithms:
- MAC_MD5: MD5 is a cryptographic hash algorithm designed by Ron Rivest. It outputs 128 bits of data.
- MAC_SHA: SHA is a cryptographic hash algorithm designed by NSA. It outputs 160 bits of data.
