Need to check if a cipher suite is weak, strong or deprecated, then refer (https://ciphersuite.info/). The website fetches data from IANA(https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml).
The IANA (Internet Assigned Numbers Authority) is responsible for maintaining the official registry of TLS cipher suites. If a cipher suite is approved by experts at the IETF (Internet Engineering Task Force) then the IANA add it to the registry where it’s assigned a unique two byte hexadecimal value and a human readable name (recorded in the Description field).
Few other naming conventions are, OpenSSL and GnuTLS.
This is how the cipher suite represented by hex value 0x00,0x3D is named according to these three conventions:
IANA: TLS_RSA_WITH_AES_256_CBC_SHA256
OpenSSL: AES256-SHA256
GnuTLS: TLS_RSA_AES_256_CBC_SHA256
Understanding of CipherSuites as strong or weak among vulnerability management vendors may vary a bit, similarly the way, results from different AV engines on VirusTotal varies a bit for a particular hash or URL.
Happy Learning !!
No comments:
Post a Comment