Cipher Suites

Understand how cipher suites work and what makes a strong TLS configuration.

What it is

A cipher suite is a combination of cryptographic algorithms used during a TLS handshake to establish a secure connection. Each cipher suite specifies:

  • Key exchange algorithm: How the client and server agree on a shared secret (e.g., RSA, ECDHE)
  • Authentication algorithm: How the server proves its identity (e.g., RSA, ECDSA)
  • Bulk encryption algorithm: The symmetric cipher used to encrypt data (e.g., AES-256-GCM, ChaCha20-Poly1305)
  • Message authentication code (MAC): Algorithm for ensuring data integrity (often built into the cipher itself in modern AEAD modes like GCM)

An example cipher suite name: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ECDHE key exchange, RSA authentication, AES-256-GCM bulk encryption, SHA-384 hash)

Why it matters

The choice of cipher suite directly impacts:

  • Security: Weak cipher suites can be vulnerable to attacks
  • Performance: Some ciphers are faster but may be less secure
  • Compatibility: Older clients may not support modern cipher suites
  • Forward secrecy: Ephemeral key exchange (ECDHE, DHE) keeps past sessions protected even if the server's long-term private key is later compromised

Modern best practice favors cipher suites that provide forward secrecy, use authenticated encryption (AEAD), and avoid deprecated algorithms like RC4, MD5, and SHA-1.

In practice

Best practices for cipher suite configuration:

  • Prefer ECDHE or DHE for key exchange (provides forward secrecy)
  • Use AES-256-GCM or ChaCha20-Poly1305 for bulk encryption
  • Disable cipher suites using RC4, MD5, SHA-1, or DES
  • Order cipher suites by preference (most secure first)
  • Test your configuration with tools like SSL Labs or testssl.sh
  • Monitor for weak cipher usage in your logs
  • Keep your TLS library and server software updated
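
The checklist above can be applied mechanically to cipher suite names. The following is an added example, not part of the original page: it parses IANA-style names (the form shown in "What it is") and reports missing forward secrecy, non-AEAD ciphers, and the deprecated algorithms listed above. The function names and the sample list are constructed for illustration; OpenSSL-style names such as ECDHE-RSA-AES256-GCM-SHA384 are not handled.

```python
# Added example (not from the original page): grade IANA-style cipher suite
# names against the checklist above. The SAMPLE list is constructed input.
DEPRECATED = {"RC4": "RC4", "MD5": "MD5", "SHA": "SHA-1", "DES": "DES", "3DES": "DES"}
AEAD_TOKENS = {"GCM", "CCM", "POLY1305"}
EPHEMERAL_KX = {"ECDHE", "DHE"}


def parse_suite(name):
    """Split a name into key exchange, authentication and cipher/hash tokens."""
    body = name[4:] if name.startswith("TLS_") else name
    if "_WITH_" not in body:
        # TLS 1.3 form (e.g. TLS_AES_256_GCM_SHA384): the name carries only the
        # AEAD cipher and hash; key exchange is negotiated separately.
        return {"kx": None, "auth": None, "tokens": body.split("_"), "tls13": True}
    left, right = body.split("_WITH_", 1)
    parts = left.split("_")
    # A single token such as RSA means RSA does both key exchange and auth.
    return {"kx": parts[0], "auth": parts[-1], "tokens": right.split("_"), "tls13": False}


def audit(name):
    """Return a list of findings; an empty list means the name passes."""
    s = parse_suite(name)
    findings = []
    if not s["tls13"] and s["kx"] not in EPHEMERAL_KX:
        findings.append(f"no forward secrecy (key exchange {s['kx']})")
    if not AEAD_TOKENS & set(s["tokens"]):
        findings.append("not AEAD")
    for tok in s["tokens"]:
        if tok in DEPRECATED:  # exact token match, so SHA256/SHA384 do not hit "SHA"
            findings.append(f"deprecated algorithm {DEPRECATED[tok]}")
    return findings


SAMPLE = [
    "TLS_RSA_WITH_RC4_128_MD5",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_AES_256_GCM_SHA384",
]

if __name__ == "__main__":
    # Fewest findings first, mirroring "most secure first" ordering.
    for suite in sorted(SAMPLE, key=lambda n: len(audit(n))):
        print(f"{suite}: {'; '.join(audit(suite)) or 'ok'}")
```

A name that passes here still needs a live check with SSL Labs or testssl.sh, since the suites a server actually negotiates depend on its TLS library and protocol versions.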

Further reading

  • RFC 8446: TLS 1.3 Cipher Suites
  • Mozilla Recommended Cipher Suites
  • OWASP Cipher String Cheat Sheet