Talk:Cipher suite

From Wikipedia, the free encyclopedia

named cipher suites

The article incorrectly states "A reference for named cipher suites is provided in RFC 2434, the TLS Cipher Suite Registry."

The RFC given is the procedure for submissions. Lists of named cipher suites and reserved hex names are listed in the RFC for the TLS protocol (e.g. Appendix 5, RFC 4346 - TLS 1.1). Stephen Charles Thompson (talk) 21:16, 26 April 2010 (UTC)

Aes_128_gcm Hoangcuong95 (talk) 15:34, 8 February 2018 (UTC)

Chacha20_poly1305 Hoangcuong95 (talk) 15:39, 8 February 2018 (UTC)

Block cipher list

The TLS 1.0 - 1.2 section references block ciphers and specifically calls out RC4. However, RC4 is a stream cipher. Should this be updated? Timmattison (talk) 17:05, 24 February 2017 (UTC)

Vulnerabilities

The Vulnerabilities section states "If the version of encryption or authentication algorithm in a cipher suite have known vulnerabilities the cipher suite and TLS connection is then vulnerable." This is not accurate. A cipher suite may use a particular cipher that has a known vulnerability, but that vulnerability may not apply within the context of how it is used in the suite. For example, collision attacks may apply to certain hash functions when an attacker controls part of the plaintext; however, the attacks may not apply in other scenarios (like in an HMAC construction). See https://en.wikipedia.org/wiki/Collision_attack#Attack_scenarios for details. 149.117.75.12 (talk) 00:15, 6 August 2021 (UTC)

OK, I guess that's possible. I changed is to may. ~Kvng (talk) 16:37, 12 August 2021 (UTC)
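
The HMAC point raised in this thread, as an added example that is not part of the original discussion or the article: a collision found offline for a deliberately weak 32-bit toy hash does not carry over to the HMAC construction (RFC 2104) built on that same hash with a key the collision search never saw. The names `toy_hash`, `toy_hmac`, `find_collision`, `demo` and the key value are constructed for illustration.

```python
import hashlib

BLOCK = 64   # block size in bytes, as in MD5 / SHA-1 / SHA-256
DIGEST = 4   # deliberately tiny 32-bit output so collisions are cheap to find

def toy_hash(msg: bytes) -> bytes:
    """Weak Merkle-Damgard hash: 32-bit chaining value, fixed public IV."""
    pad_len = -(len(msg) + 9) % BLOCK
    padded = msg + b"\x80" + b"\x00" * pad_len + (8 * len(msg)).to_bytes(8, "big")
    state = b"\x00" * DIGEST
    for i in range(0, len(padded), BLOCK):
        # Truncated SHA-256 stands in for a weak compression function.
        state = hashlib.sha256(state + padded[i:i + BLOCK]).digest()[:DIGEST]
    return state

def toy_hmac(key: bytes, msg: bytes) -> bytes:
    """HMAC as defined in RFC 2104, instantiated with toy_hash."""
    if len(key) > BLOCK:
        key = toy_hash(key)
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return toy_hash(opad + toy_hash(ipad + msg))

def find_collision():
    """Keyless birthday search: roughly 2**16 hashes for a 32-bit digest."""
    seen = {}
    counter = 0
    while True:
        msg = b"msg-%d" % counter
        digest = toy_hash(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg
        counter += 1

def demo(key: bytes = b"constructed-demo-key"):
    m1, m2 = find_collision()
    return {
        "hash_collides": m1 != m2 and toy_hash(m1) == toy_hash(m2),
        # The key block is hashed first, so the chaining value that meets
        # m1 and m2 is no longer the public IV the search assumed.
        "hmac_collides": toy_hmac(key, m1) == toy_hmac(key, m2),
    }

if __name__ == "__main__":
    print(demo())
```

A 32-bit tag is far too short for real use; the digest is shrunk here only so the collision search finishes in well under a second.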