Which symmetric key algorithm does SSL use?

Asked 22/5, 2011 at 14:36 Answered 20/7, 2018 at 1:46

Solved ssl cryptography rsa public-key-encryption encryption-symmetric

I understand that through SSL, the browser gets the public key of the secured website and through public key encryption rsa algorithm, these 2 establish session key and then continue communication thru some symmetric algorithm, because symmetric key encryption/decryption is faster. Which symmetric key algorithm does SSL use? DES? AES? or something else?

Rub answered 22/5, 2011 at 14:36 Comment(2)

en.wikipedia.org/wiki/… – Seale 22/5, 2011 at 14:38

To summarize what others have said: there are several options; what is used in a connection depends upon the particular client and server. – Modillion 23/5, 2011 at 1:9

When the client connects to the server, it negotiates a so-called ciphersuite (combination of encryption, key exchange, authentication algorithms) to use. Each SSL client or server has a list of allowed ciphersuites and during handshake the client and the server negotiate on what ciphersuite to use. It can happen sometimes, that there's no common denominator (ciphersuites sets don't intersect) and connection can't be established.

Symmetric algorithms supported in SSL are DES, 3DES, ARCFOUR, AES, Camellia, RC2, IDEA, SEED, NULL (no encryption).

Warm answered 22/5, 2011 at 15:31 Comment(1)

@jumbogram thank you for pointing at this RFC, I somehow missed it. I should note, however, that strictly speaking it's not a part of TLS. The RFC is "informational" rather than Sstandards Track and it has very localized use (one country). I could also mention GOST, popular in ex-USSR, but it's not used anywhere else. – Made 23/5, 2011 at 6:18

During the connection establishment (the "handshake"), the client and server decide upon a "cipher suite" to use. The cipher suite states the algorithms which are used (asymmetric key agreement, symmetric encryption, and integrity check). In details, the client sends a list of the cipher suites it supports, and the server selects one of them, that it also supports. Normally, the server selects the first suite that it supports among those sent by the client (in other words, the ordering of the suites in the client message is its "order of preference" and the server usually honors the client preferences).

For instance, the cipher suite TLS_RSA_WITH_3DES_EDE_CBC_SHA means that the session key will be transmitted with RSA (asymmetric encryption, using the RSA public key from the server certificate), the data will be symmetrically encrypted with 3DES, and the integrity check will use the SHA-1 hash function. See the TLS specification for the list of standard cipher suites (other suites were added later on, in particular some with AES).

Malefactor answered 22/5, 2011 at 22:12 Comment(0)

Several possibilities including RC4 and DES or even no encryption. Not an area I know well, but I assume client and server negotiate to find one they can both use

http://httpd.apache.org/docs/2.0/ssl/ssl_intro.html#ssl

Fetiparous answered 22/5, 2011 at 14:42 Comment(0)

If you are using HTTPS under Firefox, if you click the little "lock" icon in the URL bar, it will give you a pop up with the details of your connection. For example, with my server, I connect with 128 bit AES with firefox.

Different web browsers can give different results of course, since the TLS connection negotiates the connection.

Garey answered 20/7, 2018 at 1:46 Comment(0)

Recommended topics

Hot tags