DeviceMaster Installation and Configuration Guide: 2000594 Rev. F DeviceMaster Security - 77
SSL Cipher Suites
SSL Cipher Suites
This subsection provides information about SSL cipher suites.
• An SSL connection uses four different facilities, each of which can use one of several different ciphers or
algorithms. A particular combination of four ciphers/algorithms is called a “cipher suite”.
• A Cipher Suite consists of
- Public Key Encryption Algorithm
• Used to protect the initial handshaking and connection setup.
• Typical options are RSA, DH, DHA, DHE, EDH, SRP, PSK. The DeviceMaster supports RSA, DHA,
DHE.
- Authentication Algorithm
• Used to verify the identities of the two parties to each other.
• Typical options are RSA, DSA, ECDSA. The DeviceMaster supports only RSA.
-Stream Cipher
• Used to encrypt the user-data exchanged between the two parties.
• Typical options: RC4, DES, 3DES, AES, IDEA, Camellia, NULL. The DeviceMaster supports RC4,
3DES, AES.
- Message Authentication Code
• Hash function (checksum) used to verify that each message frame has not be corrupted or changed
while in transit.
• Typical options include MD5, SHA, MD2, MD4. The DeviceMaster supports MD5, SHA
• In the design of the SSL/TLS protocols the choices of four of the above are not independent of each other:
only certain combinations are defined by the standards. The standard combinations of protocol (SSL or
TLS) and cipher suites support by DeviceMaster are shown in the following table.
DeviceMaster Supported Cipher Suites
The DeviceMaster supports the cipher suites:
Protocol Public Key Authentication Cipher MAC
SSL RSA RSA 3DES SHA
SSL RSA RSA RC4 SHA
SSL RSA RSA RC4 MD5
SSL DHE RSA 3DES SHA
SSL DHA RSA RC4 MD5
SSL RSA RSA NULL MD5
SSL RSA RSA NULL SHA
TLS RSA RSA AES128 SHA
TLS RSA RSA AES256 SHA
TLS DHE RSA AES128 SHA
TLS DHE RSA AES256 SHA
TLS DHA RSA AES128 SHA
TLS DHA RSA AES256 SHA
To Next Page
Loading...
