What is a TLS Cipher Suite?
Vložit
- čas přidán 24. 06. 2024
- When a web client (Internet browser) connects to a secure website, the data is encrypted. But, how does all that happen? And, what type of encryption is used? And, how does the Internet browser know what type of encryption the web server wants to use? This is all determined by what is known as a TLS Cipher Suite. In this video, John outlines the components of a TLS Cipher Suite and explains how it all works. Enjoy!
List of cipher suites and hexadecimal value representation: testssl.sh/openssl-iana.mappi...
List of cipher suites supported on BIG-IP: support.f5.com/csp/article/K8... - Věda a technologie
I have seen a lot of videos on CZcams about TLS but your explanation is very easy to understand. Great Work :)
glad you enjoyed it!
Extremely well explained and with precise detail. It has opened a much better understanding for me now across all suite functions!
100% Totally subscribed to your channel! The way you explain things is a bit how I see things and try to break it down in my mind like this. Not overly technical yet you incorporarte all the pieces of this topic very well. Thanks for your awesome work!
glad you enjoyed it!
This channel is an instant sub! You guys deserve more subscribers. Excellent quality, especially videos published in the last few years are great!
glad you enjoy the videos!
All makes perfect sense now. Thanks for taking our time to put this together.
glad you enjoyed it!
What a great video!! You made it so simple and presice. Will definitely share this up with my colleagues. Keep doing a great job
glad you enjoyed it!
A very Clear explanation. Awesome. Thanks
Glad you enjoyed and we appreciate the comment!!
Nice job. I’m working on a presentation for my engineers and you’ve answered quite a number of my questions.
glad you enjoyed it!
This helped significantly with my cybersecurity course. Thank you.
I'm glad it helped!
@@devcentral hey
One of the best videos on cipher suites!
glad you enjoyed it!
I always search the topic on your youtube page when I find something difficult to understand. You never disappoint me :) Great Work!
glad you enjoyed it! and, let us know if you have any topics we should address.
Thanks John for this, As usual your explanation is to the point. I follow your videos even if I don't need to work on that particular tech.
i'm glad you enjoyed it!
Absolutely great overview that brings together these many topics. Thanks!
glad you enjoyed it!
excellent TLS cipher suite introduction: short, informative, easy to understand
glad you enjoyed it!
Nicely explained, filled some gaps in my understanding. Thank you!
i'm glad you enjoyed it and found it helpful!
GREAT content, to the point explanation.. I subbed to you, cuz yours is better than others out there
Thanks and appreciate the comment (and sub) 🙂
Super clear, thank you for doing fantastic job explaining complicated stuff.
glad you enjoyed the video!
Thank you so much. The video is easy to understand, I love it!
glad you enjoyed it!
You explain this very clearly. Really, much thanks to you guys :)))
Thanks!! Appreciate the comment!
Great video, John. A big help.
glad you enjoyed it!
Very impressive :-)
This really helped me understand Much better.
Though i might just have to watch it a few more times to remember it all ;-)
glad you enjoyed it! and, feel free to watch as many times as you need!
very clear and understandable the way how u explained it, thank you very much for ur time and iniciative to share it, greetings :)
glad you enjoyed it!
This really helpful. Thanks for putting in the efforts.
glad you enjoyed it!
Impressive content and explanation. Thanks for it.
glad you enjoyed it!
Help me alot with my tutorial. Glad that I found your video!
Glad you enjoyed it!
Great introduction. Thanks for posting.
Thanks for the comment and glad you enjoyed it!
100% clean session thanks for knowledge
glad you enjoyed it!
Thanks John, great explanation.
thanks for the comment!!
Really helpful for understanding TLS suites...
Now i can understand more...👍🏻
Thanks for the video...😎
glad you enjoyed it!
F5 DevCentral looking into your videos one by one n they are too good ...
by the way can you do video on TLS 1.2 handshake....👍🏻
@@hamzabashir1791 Hi. We recorded a couple of videos on the TLS handshake. Here they are:
czcams.com/video/cuR05y_2Gxc/video.html
czcams.com/video/n_d1rCXNrx0/video.html
Great Work!! Now it is more clear to me
I'm glad you enjoyed it!
Clear and concise.... Thanks a lot
Wondered how they all fit together, thanks!
Happy to help!
very nice explanation.Thank you
glad you enjoyed it!
Totally Perfect explanation 🙌
glad you enjoyed it!
Very Informative. Thanks.
glad you enjoyed it!
Thank you for this videos !
I'm glad you enjoy them!
You make my day. Awesome 😎👍
Thanks and we appreciate the comment!
Very informative and useful video
Very helpful, thanks.
glad you enjoyed it!
It has just made a sense,I guess :) Thanks a lot.
glad you enjoyed it!
Nicely Explained and Very Helpful ..!! Just a Question , When Server Signed the Hash of Certificate then How Client authenticate that this is the Server to which i am looking for using the SHA or MD5 ?
Thanks John for the detailed explanation for a complex topic like this.
Before reaching here , i was under the impression that the servers certificate public key will be used to encrypt the initial handshake and hence work as the key exchanger. Now if cipher suite also has a key exchanger algo , which one is used in such case?
Hi pickiziziz...great question! The server's public key can be used as a part of the key exchange (if the key exchange algorithm is RSA), but it doesn't have to be used for key exchange. In fact, most servers/browsers now prefer Diffie Hellman key exchange (many times using Elliptic Curve as well) instead of RSA. The server's private key will still be used for authentication purposes (to prove to the browser that the server is the one expected), but the server's private key doesn't have to be used for the key exchange. That's one of the reasons that the cipher suite is agreed on early in the TLS handshake process so that both sides will know what key exchange algorithm to use. I hope this helps!
Thank you for your video! I have a question, let’s say there are many clients connecting to 1 server. Is it possible that all this clients and server share the same cipher suite to establish secured connection?
Great question Nicole! The short answer is, yes...all clients could use the same cipher suite. To be clear, though, the fact that the same cipher suite is used by multiple clients does not mean that all those clients use the same key for encryption. Each client will have their own shared (secret) encryption key with the server. The cipher suite simply defines what type of encryption algorithm is used between the client and the server. But the actual key used between the two will be different for each client/server connection.
An analogy might be something like this: several people want to drive from their personal house to the bank. Each one has an option on what kind of car to drive (Honda, Chevy, Ford, Toyota, etc). All of the people could theoretically choose to drive a Toyota car, but each car is different even though they are all Toyota (even the same make/model). So, even though you drive a Toyota doesn't mean you can go to another Toyota and take your car key and use the other car. The same is true for cipher suites. You could use the same cipher suite as another client, but that doesn't mean your secret encryption key is the same as theirs. I hope this helps!
Very beneficial thank you
Perfectly Explained. The puzzle is solved now. Kinda.
Thank you nice job!!
glad you enjoyed it!
Hi John, you had mentioned about pointing to some official documentation for the SSL hexadecimal designations. Is that under OpenSSL?
Hi John...sorry about the oversight on posting that list. Here it is: testssl.sh/openssl-iana.mapping.html
I hope this helps!
great job thank you!
Glad you enjoyed it!
I'm just impressed he can write backward like that.
They just reverse the video (left to right) after recording, he's writing normally. I had the same thought though at first 😄
@@rosshoyt2030 Makes sense, he was writing REALLY well backwards :D
Here's our LBL Behind the Scenes video: czcams.com/video/U7E_L4wCPTc/video.html
Good explanation. Quick question,
If BigIP LTM has an SSL profile with cipher 'Default@strength' , does it force to negotiate strongest available cipher suite with the client or server?
Great question Sharath! When @strength is used with the DEFAULT cipher list, then the ciphers are ordered on the server according to their strength (for example, 384 bit would be listed before the 256 bit, etc). When a client begins secure communications with the server, the client offers up it's set of cipher suites (already built into the browser..each browser is built slightly different) and then the server goes down its list of ciphers in order and it chooses the first match it can find. Maybe it matches the very top-listed cipher, but maybe not. As long as one of the cipher suites matches, then the server will pick it and that will be the cipher suite used for that secure session. Thanks!
it depend upon how your priorities your ciphers.. if you using Custom Suites.. in DEFAULT one they put the higher key size strengthen top on the order
@@ashuniet The ordering of the cipher suites varies by TMOS version - but in 'DEFAULT' it is *not* normally the strongest suites which are listed first. A number of factors go into the ordering, but to generalize it is a balance between security and performance. (Higher bit cipher suites use more resources, and thus reduce performance of the box.) Using '@STRENGTH' in the cipher suite configuration will force sorting by key size, but this can be deceptive as well. What is more secure, a cipher suite using ECDHE and AES128-GCM or one using RSA and AES256 (CBC). I'd argue that the former is a better choice, but the latter will come first in the list because of the larger key size.
Superb!
glad you enjoyed it!
good explanation
Thanks for the note!!
Thank you, thank you!
Glad you enjoyed it!
Thank you 1000 times
Glad you enjoyed it!
Great stuff!
glad you enjoyed it!
You mentioned a link to BIG IP specific documentation on turning those on or off. Could you link that for 14.x? I need to block RC4, and not sure how.
try openssl ciphers -v command, you will got the tls cipher suites supported on your server
Thanks for the info!
this guy is great
We really appreciate the comment and glad you enjoyed the video!
Nice explanation. Just a quick question, Wireshark will show the cipher suite selected between client and server. Will that not be a risk?
At least through TLSv1.2 the cipher suite negotiation happens in the clear, so you can always see which cipher suite is selected. This is not a risk (beyond the use of a weak suite, which is a risk in any case) as the strength of the system is in the secret keys.
Check out Perfect Forward Secrecy or sometimes called Forward Secrecy. Also, note the concept Ephemeral. scotthelme.co.uk/perfect-forward-secrecy/
What if the cipher is null for output of openssl command . Does that mean that version of TLS is disabled ?
thank you so much
glad you enjoyed it!
8:59 Is that accurate? I thought public key is only used for encryption when sending data back to the server. If it was used for decryption of private key encrypted data, then the data itself would be compromised.
That one caught my attention as well, the video lost its credibility after this statement was made. These are dangerous statements as it messes up the very foundational concepts of client-server encryption. I think the author is confused.
what author explained here is digital signature signing process.
@@miomio134 Digital signing process is HMAC, whereby content is signed with private key and verified with private key. I'm not sure that's what he explained.
Hey Man, just want to thank you for the great explanation - better impossible
glad you enjoyed the video!
how to fix the SSL anonymous cypher suite supported vulnerability on linux machine
EC-DHE key exchange (smaller keys with elliptical curve and perfect forward secret with Diffy Hellman Ephemeral)
❤❤
great video
tho i'v lost couple of hours on figuring authentication and MAC parts, but can someone confirm if i got this right:
Authentication part-(RSA for example) is about verification of certificate in TLS handshake phase, which is done via digital signature: sender encrypts hash of message via MAC algorithm(SHA for example), with its private key , which reciever decrypt with senders public key (from certificate)
And MAC part is preformed in "TLS record protocol" (from RFC), that is, in actual sending of encrypted data (after handshake), in which there is MAC "tag" on each message(packet), for data integrity ?
Notes :
Protocol --> TLS 1.2, TLS 1.1, TLS 1.0, SSLV3, SSLV2
Key Exchange --> ECDHE, RSA
Authentication --> RSA, ECDSA
CIPHER --> AES, GCM/CBC, Camellia, DES, RC4, RC2.
MAC --> SHA, MD5
TLS CIPHER SUITE
ECHDE(KE)-RSA(AUTH)-AES128(BulkEncry/SE)-GCM-SHA256
HEX Representation - 0XCO2F
How to check whether given cipher suite is strong and weak generally malware choose weak cipher suite so is it right to say that malware prefer weak cipher suite, old like RC4, RC2 .
Great comment Abhay! I'm working on another video that goes into detail on which TLS cipher suites are strong and which are weak...stay tuned!
I don't think you can generalize that way. Modern malware using encrypted communication is likely to be using the latest functionality - ephemeral key exchange, AES-GCM, etc. Supporting these is just as easy as an older algorithm - authors are using available libraries.
Strength isn't a clear linear scale either - it isn't just key size. AES256-CBC has a larger key size than AES128-GCM, but the latter is arguably a better choice in a real world deployment given the growing number of attacks on CBC ciphers. And, for the same key size, GCM is generally a higher performing option (less load). And does your application really need 256-bit keys?
There is also the temporal factor - a mid-strength ECDHE key exchange is probably a better option than a high-strength RSA key exchange. The latter is generally used for many sessions and can be recovered later to decrypt everything it was used on. The former is used for one, or few, sessions and so breaking the key recovers less information.
Always tradeoffs.
So what are the other way to test whether cipher suite strong and weak... actually I have tested my client browser compatibility in ssl lab website so it shows preferred cipher suite and u said malware uses good strength of communication in my opinion few types of malware uses good encryption standard but not all, I have also read research paper related to this topic so that's why I am sharing my knowledge what I got correct me if I am wrong and if u good source related to this please share it thanks.
There arguably is a cipher suite that could be considered to be the most secure, I suppose. However, forcing all clients and servers to use that presents a few problems:
1. Some servers may not support that specific suite without having to upgrade. The most secure suite is ever-changing. Ideally, all companies will maintain their systems to keep them up to date, but we know that's easier said than done.
2. Many of the larger browsers don't make it easy for you to force it to only use specific suites. You'd have to dig through registry settings, etc.
For now, we have to rely on 2 solutions to avoiding the usage of insecure suites:
1. Hope that modern browsers will disable the usage of insecure cipher suites as they roll out new versions of the software. This way, if you try to connect to a server that doesn't support one of the more secure cipher suites, the connection is rejected.
2. Hope that server administrators disable cipher suites that are considered insecure. This way, if the client tries to connect and their browser only supports insecure cipher suites, the connection is rejected.
I didn't understand at 13:43, signing the hashed certificate part. Rest of the video is great.
PCI vendors are requesting only stitched cipher suites, what are stitched cipher suites?
From Stackexchange: security.stackexchange.com/questions/204429/what-is-a-non-stitched-ciphersuite
awesome
thanks!
Protocol
Protocol : TLS 1.3, TLS 1.2
Key Exchange : EC DHE, RSA
Auth : RSA, EC DSA
Bulk Cipher : AES, GCM/CBC, DES
MAC : SHA(secured), MD5(not secures) certificate sent from server has MAC
Can this cause disconnection of websocket traffic? TLS handshake error?
I'm not good at it, but I though this process is Public key or Asymmetric and here you're using Symmetric encryption algorithms like AES, DES and RC4. so why don't we use Asymmetric Encryption algorithms?
If I'm wrong I'm just learning.
Asymmetric algorithms use complex exponential calculations which are slower and more processor intensive than symmetric algorithms. Furthermore, Asymmetric algorithms are much more stringent as to the length of the data they can encrypt. As such, asymmetric encryption is not ideal for encrypting bulk data. This is why asymmetric encryption comes in handy just for the first part of the communication (a.k.a TLS handshake). Having that established, the encrypted traffic flow can happen using symmetric encryption algorithms such as AES, 3DES and SHA, MD5 for authentication. I hope that had shed some light on it.
@@DanielMGarcia69 thanks for the great info...really appreciate the insightful response!!
how do write like that you write from right to left can you explain how you do that ??
Thank you 1024 times.
haha! :) Glad it was helpful for you!
awesome explanation🙏
RC4 is a stream cipher, not a block cipher.
Thanks WndSks! When I was listing the symmetric encryption algorithms, I slipped a couple of times and said "block" and then followed up with "bulk" to clarify that I was referring to symmetric, bulk encryption algorithms as opposed to asymmetric key exchange algorithms (RSA, DH, etc) or hash algorithms. But, thanks for the reminder that RC4 is, in fact, a stream cipher not a block cipher...an important detail in the case of symmetric algorithms!
Able to make a connection with an invalid cipher(E128D:R1A:AES128:RANVIJAY:SHA238) But not able to make a connection with a valid cipher(ECDHE-RSA-AES256-SHA384) in LDAP SERVER???
I don't think the cipher suites specify the protocol version, but rather just TLS or SSL.
Hi Ryan, great question! The cipher suites are designed for each specific version of SSL/TLS, and you can show the version for each cipher suite. For OpenSSL (the most common implementation on the Internet), you can type in: openssl ciphers -V and you will get a listing of all ciphers with the SSL/TLS version included. Here's a link for more info on this: www.openssl.org/docs/man1.0.2/man1/ciphers.html
I got you, thanks so much for the clarification. Been watching your vids alot recently, terrific jobs!!
@@zhengshenyu Thanks! glad you are enjoying the videos!
how does this mans write backwards so well
where person is writing ? is this on a glass? how is this annotation works can anyone explain it to me?
Basically the expositor is writing on glass (while shining a lot of light on the board), and then flips the video afterwards on postprocessing; they made a video about it on their channel.
So for these videos, do they have a special shirt made with their logo reversed?
Nice catch Miles! You can check out this video showing how we do it: czcams.com/video/U7E_L4wCPTc/video.html
In some way in lay man's terms 2 foreign leaders having an exchange with an interpreter encrypting and decrypting the exchange
12:53 lyrics from an old Eminem song
whattt?? I didn't see any lyrics there
I caught that too. :D
Ha! Good catch; won't be able to not listen to that when I re-watch later.
Great explanation but did he really learn how to write inversely? From his perspective, whatever he is writing should appear as a mirror image of what we see on the video.
The video is inverted.
Such a simple explanation for the writing!! I was watching the video trying to figure it out and I think because I fried my brain I couldn't figure it out!!!
Seriously what is "TLS Cipher Suite"?... video explains it all. This "Ciper Suite" is really important, just learning how to program and becoming a good back end developer is not even close to being ready for a production safe platform. Developers really needs to understand the security of things which is extremely lacking in the DevOp world. This is just sad, no mentors in website programming have ever mentioned the importance of the security for a platform, such basics like TLS 1.3 or 1.2 and it's "Cipher Suite".
I'm searching for TLS group of Michigan
And in search of Rabbi A A.