13.8. Cipher Suites
The SSL protocol does not restrict clients and servers to a single encryption brew for the secure exchange of information. There are a number of possible cryptographic ingredients, but as in any cookpot, some ingredients go better together than others. The seriously interested can refer to Bruce Schneier's Applied Crytography ( John Wiley & Sons), in conjunction with the SSL specification (from http://www.netscape.com/). The list of cipher suites is in the SSLeay software at ... /ssl/ssl.h. The macro names give a better idea of what is meant than the text strings.
| SSLeay name | Config name | Keysize | EncryptedKeysize |
|---|---|---|---|
SSL3_TXT_RSA_IDEA_128_SHA |
IDEA-CBC-SHA | 128 | 128 |
SSL3_TXT_RSA_NULL_MD5 |
NULL-MD5 | 0 | 0 |
SSL3_TXT_RSA_NULL_SHA |
NULL-SHA | 0 | 0 |
SSL3_TXT_RSA_RC4_40_MD5 |
EXP-RC4-MD5 | 128 | 40 |
SSL3_TXT_RSA_RC4_128_MD5 |
RC4-MD5 | 128 | 128 |
SSL3_TXT_RSA_RC4_128_SHA |
RC4-SHA | 128 | 128 |
SSL3_TXT_RSA_RC2_40_MD5 |
EXP-RC2-CBC-MD5 | 128 | 40 |
SSL3_TXT_RSA_IDEA_128_SHA |
IDEA-CBC-MD5 | 128 | 128 |
SSL3_TXT_RSA_DES_40_CBC_SHA |
EXP-DES-CBC-SHA | 56 | 40 |
SSL3_TXT_RSA_DES_64_CBC_SHA |
DES-CBC-SHA | 56 | 56 |
SSL3_TXT_RSA_DES_192_CBC3_SHA |
DES-CBC3-SHA | 168 | 168 |
SSL3_TXT_DH_DSS_DES_40_CBC_SHA |
EXP-DH-DSS-DES-CBC-SHA | 56 | 40 |
SSL3_TXT_DH_DSS_DES_64_CBC_SHA |
DH-DSS-DES-CBC-SHA | 56 | 56 |
SSL3_TXT_DH_DSS_DES_192_CBC3_SHA |
DH-DSS-DES-CBC3-SHA | 168 | 168 |
SSL3_TXT_DH_RSA_DES_40_CBC_SHA |
EXP-DH-RSA-DES-CBC-SHA | 56 | 40 |
SSL3_TXT_DH_RSA_DES_64_CBC_SHA |
DH-RSA-DES-CBC-SHA | 56 | 56 |
SSL3_TXT_DH_RSA_DES_192_CBC3_SHA ... |
Get Apache: The Definitive Guide, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
