![]() And there is something special about the Diffie-Hellman key exchange used in ECDHE_RSA:ĭHE_RSA offers something known as Perfect Forward Secrecy, a pompous name for the following property: if your server gets thoroughly hacked, to the point that the attacker obtains a copy of the server private key, then he will also be able to decrypt past TLS sessions (which he recorded) if these sessions used RSA, while he will not be able to do so if these sessions used DHE_RSA. The key exchange algorithm is specifying how keys for the bulk encryption/decryption cipher are exchanged. SHA256 - message authentication code algorithm.GCM - the mode used for scrambling the data so it can be securely used with the algorithm.WITH_AES_128 - the encryption/decryption algorithm.ECDHE_RSA - authentication and key exchange algorithms.Let's look at the entire ciphersuite specification TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 in detail:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |