Cipher List 30 2 1

Cipher Suites Supported by Alteon
Technical Note
Alteon Version 30.2.1
Issue 2
TABLE OF CONTENTS
CIPHER SUITES ........................................................................................................................................... 3
CIPHER SUITES OVERVIEW ...................................................................................................................... 3
CIPHER SUITES USED BY ALTEON .......................................................................................................... 4
CIPHER SUITE TABLES.............................................................................................................................. 5
TABLE 1 - ALL CIPHER SUITES ................................................................................................................... 6
TABLE 2 - RSA (DEFAULT) CIPHER SUITES ................................................................................................ 8
TABLE 3 PCI DSS COMPLIANCE CIPHER SUITES ..................................................................................... 9
TABLE 4 ALL NON-NULL CIPHER SUITES ............................................................................................... 11
TABLE 5 TLSV1.2 CIPHER SUITES ........................................................................................................ 13
TABLE 6 - LOW CIPHER SUITES................................................................................................................ 14
TABLE 7 MEDIUM CIPHER SUITES ......................................................................................................... 14
TABLE 8 HIGH CIPHER SUITES .............................................................................................................. 14
TABLE 9 EC CIPHERS........................................................................................................................... 16
TABLE 10 GCM CIPHERS ..................................................................................................................... 17
Cipher Suites Supported by Alteon Version 30.2.1-issue 2
Page 2
Cipher Suites
This appendix provides an introduction to cipher suites in general and those specifically used by
Alteon. It also provides a complete list of the content of all supported cipher suites.
It includes the following topics:
Cipher Suites Overview, page 2143
Cipher Suites Used by Alteon, page 2144
Cipher Suite Tables, page 2145
Cipher Suites Overview

A cipher suite is a named combination of authentication, encryption, and message
authentication code (MAC) algorithms used to negotiate the security settings for a network
connection using the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) network
protocol.
The structure and use of the cipher suite concept is defined in the documents that define the
protocol (RFC 5246 standard for TLS version 1.2). A reference for named cipher suites is
provided in RFC 2434, the TLS Cipher Suite Registry.
When a TLS connection is established, a handshaking, known as the TLS Handshake Protocol,
occurs. Within this handshake, a client hello (ClientHello) and a server hello (ServerHello)
message is passed. (RFC 5246, p. 37) First, the client sends a cipher suite list, a list of the
cipher suites that it supports, in order of preference. Then the server replies with the cipher suite
that it has selected from the client cipher suite list. (RFC 5246, p. 40) To test which TLS ciphers
that a server supports an SSL/TLS Scanner may be used.
Each named cipher suite defines a key exchange algorithm, a bulk encryption algorithm, a
message authentication code (MAC) algorithm, and a pseudorandom function (PRF). (RFC
5246, p. 40)
The key exchange algorithm is used to determine if and how the client and server authenticate
during the handshake. (RFC 5246, p. 47).
The bulk encryption algorithm is used to encrypt the message stream. It also includes the key
size and the lengths of explicit and implicit initialization vectors (cryptographic nonces). (RFC
5246, p. 17).
The message authentication code (MAC) algorithm is used to create the message digest, a
cryptographic hash of each block of the message stream. (RFC 5246, p. 17).
The pseudorandom function (PRF) is used to create the master secret, a 48-byte secret shared
between the two peers in the connection. The master secret is used as a source of entropy
when creating session keys, such as the one used to create the MAC. (RFC 5246, p. 16-17,
26).
Page 3
Perfect Forward Secrecy (PFS) is supported by Alteon and is enforced automatically once an
ephemeral cipher (such as DHE) is chosen during the SSL handshake.
The following terms are used when defining ciphers and cipher suites in the lists and tables
below:
AESAdvanced Encryption Standard
DESData Encryption Standard
DSSDigital Signature Standard
MD5Message Digest algorithm
RC2, RC4Rivest encryption
RSARivest-Shamir-Adleman encryption
SHASecure Hash algorithm
3DESDES applied three times
ECElliptic Curve
Cipher Suites Used by Alteon

You can set which cipher suite is allowed during the SSL handshake. For example, if you select
rsa, only traffic with the RSA cipher suite is allowed to reach the Alteon service that is using this
SSL policy.
The following cipher suites are supported by Alteon:
ALLAll cipher suites.
RSA (Default)Cipher suite using RSA key exchange.
PCI DSS CompliancePayment Card Industry Data Security Standard.
ALL Non-Null CiphersAll cipher suites except the NULL ciphers and ciphers offering
no authentication, which must be explicitly enabled.
SSLv3SSL v3.0 cipher suites.
TLSv1TLS v1.0 cipher suites.
TLSv1.2TLS v1.2 cipher suites.
ExportExport encryption algorithms including 40 and 56 bit.
LowLow exception cipher suites, currently using 64 or 56 bit encryption algorithms

but excluding export cipher suites.
MediumMedium encryption cipher suites, currently using 128 bit encryption.
HighHigh encryption cipher suites. Currently key lengths are larger than 128 bits.
RSA:RC4-128:MD5Cipher suites using RSA key exchange, 128 bit RC4 for
encryption and MD5 for MAC.
Page 4
RSA:RC4-128:SHA1Cipher suite using RSA key exchange, 128 bit RC4 for
encryption and SHA1 hash for MAC.
RSA:DES:SHA1Cipher suite using RSA key exchange, 3DES for encryption and
SHA1 hash for MAC.
RSA:3DES:SHA1Cipher suite using RSA key exchange, 3DES for encryption and
SHA1 hash for MAC.
RSA:AES-128:SHA1Cipher suite using RSA key exchange, 128-bit AES for

RSA:AES-256:SHA1Cipher suite using RSA key exchange, 256-bit AES for

User DefinedAlteon supports all ciphers supported by the accepted OpenSSL format
and more information can be found in OpenSSL documentation.
Expert User DefinedThe expert user-defined cipher-suite allowed for SSL. Use this
parameter if you are sure that you have the exact cipher string that is required.
Cipher Suite Tables

The following tables provide a complete list of the content of the supported cipher suites.
Table 1 - All Cipher Suites
Table 2 - RSA (Default) Cipher Suites
Table 3 PCI DSS Compliance Cipher Suites
Table 4 All Non-Null Cipher Suites
Table 5 TLSv1.2 Cipher Suites
Table 6 - Low Cipher Suites
Table 7 Medium Cipher Suites
Table 8 High Cipher Suites
As of version 30.2.1, Alteon supports Elliptic Curve (EC) and Galois Counter Mode (GCM)
ciphers. They are incorporated in the appropriate cipher suites. The following tables list the
supported EC and GCM ciphers:
Table 9 EC Ciphers
Table 10 GCM Ciphers
Page 5
Table 1 - All Cipher Suites

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
TLS
v3
v1.0
v1.1
v1.2
HW
accelerated
AEAD
ECDSA
Enc
Symmetric
Encryption
Algorithm
AESGCM
(256)
AESGCM
(256)
ECDH
RSA
ECDH
AEAD
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256SHA384
ECDH
RSA
AES(256)
SHA384
ECDH
ECDSA
AES(256)
SHA384
ECDHE-RSA-AES256-SHA
ECDH
RSA
AES(256)
SHA1
ECDHE-ECDSA-AES256-SHA
ECDH
ECDSA
AES(256)
SHA1
AECDH-AES256-SHA
ECDH-RSA-AES256-GCMSHA384
ECDH-ECDSA-AES256-GCMSHA384
ECDH
None
SHA1
ECDH/RSA
ECDH
AEAD
ECDH/ECDSA
ECDH
AES(256)
AESGCM
(256)
AESGCM
(256)
AEAD
ECDH-RSA-AES256-SHA384
ECDH-ECDSA-AES256SHA384
ECDH/RSA
ECDH
AES(256)
SHA384
ECDH/ECDSA
ECDH
AES(256)
SHA384
ECDH-RSA-AES256-SHA
ECDH/RSA
ECDH
AES(256)
SHA1
ECDH-ECDSA-AES256-SHA
ECDH/ECDSA
ECDH
SHA1
AES256-GCM-SHA384
RSA
RSA
AES(256)
AESGCM
(256)
AEAD
AES256-SHA256
RSA
RSA
AES(256)
SHA256
AES256-SHA
RSA
RSA
SHA1
CAMELLIA256-SHA
ECDHE-RSA-AES128-GCMSHA256
ECDHE-ECDSA-AES128-GCMSHA256
RSA
RSA
SHA1
ECDH
RSA
AEAD
ECDH
ECDSA
AES(256)
Camellia
(256)
AESGCM
(128)
AESGCM
(128)
AEAD
ECDH
RSA
AES(128)
SHA256
ECDH
ECDSA
AES(128)
SHA256
ECDH
RSA
AES(128)
SHA1
ECDH
ECDSA
AES(128)
SHA1
AECDH-AES128-SHA
ECDH
None
SHA1
ECDH/RSA
ECDH
AEAD
ECDH/ECDSA
ECDH
AES(128)
AESGCM
(128)
AESGCM
(128)
AEAD
ECDH/RSA
ECDH
AES(128)
SHA256
ECDH-ECDSA-AES128-
ECDH/ECDSA
ECDH
AES(128)
SHA256
Page 6
SHA256
ECDH-RSA-AES128-SHA
ECDH/RSA
ECDH
AES(128)
SHA1
ECDH/ECDSA
ECDH
SHA1
AES128-GCM-SHA256
RSA
RSA
AES(128)
AESGCM
(128)
AEAD
AES128-SHA256
RSA
RSA
AES(128)
SHA256
AES128-SHA
RSA
RSA
AES(128)
SHA1
SEED-SHA
RSA
RSA
SHA1
CAMELLIA128-SHA
RSA
RSA
SEED(128)
Camellia
(128)
SHA1
ECDHE-RSA-RC4-SHA
ECDH
RSA
RC4(128)
SHA1
ECDHE-ECDSA-RC4-SHA
ECDH
ECDSA
RC4(128)
SHA1
AECDH-RC4-SHA
ECDH
None
RC4(128)
SHA1
ECDH-RSA-RC4-SHA
ECDH/RSA
ECDH
RC4(128)
SHA1
ECDH-ECDSA-RC4-SHA
ECDH/ECDSA
ECDH
RC4(128)
SHA1
RC4-SHA
RSA
RSA
RC4(128)
SHA1
RC4-MD5
RSA
RSA
RC4(128)
MD5
ECDHE-RSA-DES-CBC3-SHA
ECDHE-ECDSA-DES-CBC3SHA
ECDH
RSA
3DES(168)
SHA1
ECDH
ECDSA
3DES(168)
SHA1
AECDH-DES-CBC3-SHA
ECDH
None
3DES(168)
SHA1
ECDH-RSA-DES-CBC3-SHA
ECDH/RSA
ECDH
3DES(168)
SHA1
ECDH-ECDSA-DES-CBC3-SHA
ECDH/ECDSA
ECDH
3DES(168)
SHA1
DES-CBC3-SHA
RSA
RSA
3DES(168)
SHA1
DES-CBC-SHA
RSA
RSA
DES(56)
SHA1
ECDHE-RSA-NULL-SHA
ECDH
RSA
None
SHA1
ECDHE-ECDSA-NULL-SHA
ECDH
ECDSA
None
SHA1
AECDH-NULL-SHA
ECDH
None
None
SHA1
ECDH-RSA-NULL-SHA
ECDH/RSA
ECDH
None
SHA1
ECDH-ECDSA-NULL-SHA
ECDH/ECDSA
ECDH
None
SHA1
NULL-SHA256
RSA
RSA
None
SHA256
NULL-SHA
RSA
RSA
None
SHA1
NULL-MD5
DHE-RSA-AES256-GCMSHA384
RSA
RSA
MD5
DH
RSA
None
AESGCM
(256)
AEAD
DHE-RSA-AES256-SHA256
DH
RSA
AES(256)
SHA256
DHE-RSA-AES256-SHA
DH
RSA
SHA1
DHE-RSA-CAMELLIA256-SHA
DH
RSA
SHA1
ADH-AES256-GCM-SHA384
DH
None
AES(256)
Camellia
(256)
AESGCM
(256)
AEAD
ADH-AES256-SHA256
DH
None
AES(256)
SHA256
Page 7
ADH-AES256-SHA
DH
None
SHA1
SHA1
RSA
AES(256)
Camellia
(256)
AESGCM
(128)
ADH-CAMELLIA256-SHA
DH
None
DH
AEAD
DHE-RSA-AES128-SHA
DH
RSA
AES(128)
SHA256
DH
RSA
AES(128)
SHA1
DHE-RSA-SEED-SHA
DH
RSA
SHA1
DH
RSA
SHA1
DH
None
SEED(128)
Camellia
(128)
AESGCM
(128)
AEAD
ADH-AES128-SHA256
DH
None
AES(128)
SHA256
ADH-AES128-SHA
DH
None
AES(128)
SHA1
ADH-SEED-SHA
DH
None
SHA1
ADH-CAMELLIA128-SHA
DH
None
SEED(128)
Camellia
(128)
SHA1
ADH-RC4-MD5
DH
None
RC4(128)
MD5
EDH-RSA-DES-CBC3-SHA
DH
RSA
3DES(168)
SHA1
ADH-DES-CBC3-SHA
DH
None
3DES(168)
SHA1
EDH-RSA-DES-CBC-SHA
DH
RSA
DES(56)
SHA1
ADH-DES-CBC-SHA
DH
None
DES(56)
SHA1
EXP-RC4-MD5
export
RSA
RC4(40)
MD5 export
EXP-EDH-RSA-DES-CBC-SHA
export
RSA
DES(40)
SHA1 export
EXP-ADH-DES-CBC-SHA
export
None
DES(40)
SHA1 export
EXP-ADH-RC4-MD5
export
None
RC4(40)
MD5 export
Table 2 - RSA (Default) Cipher Suites

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
TLS
v1.2
RSA
Enc
Symmetric
Encryption
Algorithm
AESGCM
(256)
AES256-GCM-SHA384
RSA
AES256-SHA256
AEAD
RSA
RSA
AES(256)
SHA256
AES256-SHA
RSA
RSA
SHA1
CAMELLIA256-SHA
RSA
RSA
SHA1
AES128-GCM-SHA256
RSA
RSA
AES(256)
Camellia
(256)
AESGCM
(128)
AEAD
AES128-SHA256
RSA
RSA
AES(128)
SHA256
AES128-SHA
RSA
RSA
AES(128)
SHA1
HW
accelerated
Page 8
SEED-SHA
RSA
RSA
SHA1
RSA
SEED(128)
Camellia
(128)
CAMELLIA128-SHA
RSA
SHA1
RC4-SHA
RSA
RSA
RC4(128)
SHA1
RC4-MD5
RSA
RSA
RC4(128)
MD5
DES-CBC3-SHA
RSA
RSA
3DES(168)
SHA1
DES-CBC-SHA
RSA
RSA
DES(56)
SHA1
EXP-DES-CBC-SHA
RSA(512)
RSA
DES(40)
SHA1 export
EXP-RC4-MD5
RSA(512)
RSA
RC4(40)
MD5 export
Table 3 PCI DSS Compliance Cipher Suites

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
TLS
v1.2
AEAD
ECDSA
Enc
Symmetric
Encryption
Algorithm
AESGCM
(256)
AESGCM
(256)
ECDH
RSA
ECDH
AEAD
ECDH
RSA
AES(256)
SHA384
ECDH
ECDSA
AES(256)
SHA384
ECDH
RSA
AES(256)
SHA1
ECDH
ECDSA
SHA1
DH
RSA
AES(256)
AESGCM
(256)
AEAD
DH
RSA
SHA256
DH
RSA
SHA1
ECDH/RSA
ECDH
AEAD
ECDH/ECDSA
ECDH
AES(256)
Camellia
(256)
AESGCM
(256)
AESGCM
(256)
AEAD
ECDH/RSA
ECDH
AES(256)
SHA384
ECDH-ECDSA-AES256-SHA384
ECDH/ECDSA
ECDH
AES(256)
SHA384
ECDH-RSA-AES256-SHA
ECDH/RSA
ECDH
AES(256)
SHA1
ECDH/ECDSA
ECDH
SHA1
AES256-GCM-SHA384
RSA
RSA
AES(256)
AESGCM
(256)
AEAD
AES256-SHA256
RSA
RSA
AES(256)
SHA256
AES256-SHA
RSA
RSA
SHA1
CAMELLIA256-SHA
RSA
RSA
AES(256)
Camellia
(256)
SHA1
HW
accelerated
Page 9
ECDH
RSA
ECDH
ECDSA
AESGCM
(128)
AESGCM
(128)
ECDH
RSA
ECDH
AEAD
AEAD
AES(128)
SHA256
ECDSA
AES(128)
SHA256
ECDH
RSA
AES(128)
SHA1
ECDH
ECDSA
SHA1
DH
RSA
AES(128)
AESGCM
(128)
AEAD
DH
RSA
AES(128)
SHA256
DHE-RSA-SEED-SHA
DH
RSA
SHA1
DH
RSA
SHA1
ECDH/RSA
ECDH
AEAD
ECDH/ECDSA
ECDH
SEED(128)
Camellia
(128)
AESGCM
(128)
AESGCM
(128)
AEAD
ECDH/RSA
ECDH
AES(128)
SHA256
ECDH/ECDSA
ECDH
AES(128)
SHA256
ECDH-RSA-AES128-SHA
ECDH/RSA
ECDH
AES(128)
SHA1
ECDH/ECDSA
ECDH
SHA1
AES128-GCM-SHA256
RSA
RSA
AES(128)
AESGCM
(128)
AEAD
AES128-SHA256
RSA
RSA
AES(128)
SHA256
AES128-SHA
RSA
RSA
AES(128)
SHA1
SEED-SHA
RSA
RSA
SHA1
CAMELLIA128-SHA
RSA
RSA
SEED(128)
Camellia
(128)
SHA1
ECDHE-RSA-RC4-SHA
ECDH
RSA
RC4(128)
SHA1
ECDHE-ECDSA-RC4-SHA
ECDH
ECDSA
RC4(128)
SHA1
ECDH-RSA-RC4-SHA
ECDH/RSA
ECDH
RC4(128)
SHA1
ECDH-ECDSA-RC4-SHA
ECDH/ECDSA
ECDH
RC4(128)
SHA1
RC4-SHA
RSA
RSA
RC4(128)
SHA1
RC4-MD5
RSA
RSA
RC4(128)
MD5
ECDH
RSA
3DES(168)
SHA1
ECDHE-ECDSA-DES-CBC3-SHA
ECDH
ECDSA
3DES(168)
SHA1
DH
RSA
3DES(168)
SHA1
ECDH/RSA
ECDH
3DES(168)
SHA1
ECDH/ECDSA
ECDH
3DES(168)
SHA1
DES-CBC3-SHA
RSA
RSA
3DES(168)
SHA1
Page 10
Table 4 All Non-Null Cipher Suites

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
TLS
v1.2
AEAD
ECDSA
Enc
Symmetric
Encryption
Algorithm
AESGCM
(256)
AESGCM
(256)
ECDH
RSA
ECDH
AEAD
ECDH
RSA
AES(256)
SHA384
ECDH
ECDSA
AES(256)
SHA384
ECDH
RSA
AES(256)
SHA1
ECDH
ECDSA
SHA1
ECDH/RSA
ECDH
AEAD
ECDH/ECDSA
ECDH
AES(256)
AESGCM
(256)
AESGCM
(256)
AEAD
ECDH/RSA
ECDH
AES(256)
SHA384
ECDH/ECDSA
ECDH
AES(256)
SHA384
ECDH-RSA-AES256-SHA
ECDH/RSA
ECDH
AES(256)
SHA1
ECDH/ECDSA
ECDH
SHA1
AES256-GCM-SHA384
RSA
RSA
AES(256)
AESGCM
(256)
AEAD
AES256-SHA256
RSA
RSA
AES(256)
SHA256
AES256-SHA
RSA
RSA
SHA1
CAMELLIA256-SHA
RSA
RSA
SHA1
ECDH
RSA
AEAD
ECDH
ECDSA
AES(256)
Camellia
(256)
AESGCM
(128)
AESGCM
(128)
AEAD
ECDH
RSA
AES(128)
SHA256
ECDH
ECDSA
AES(128)
SHA256
ECDH
RSA
AES(128)
SHA1
ECDH
ECDSA
SHA1
ECDH/RSA
ECDH
AEAD
ECDH/ECDSA
ECDH
AES(128)
AESGCM
(128)
AESGCM
(128)
AEAD
ECDH/RSA
ECDH
AES(128)
SHA256
ECDH/ECDSA
ECDH
AES(128)
SHA256
ECDH-RSA-AES128-SHA
ECDH/RSA
ECDH
AES(128)
SHA1
ECDH/ECDSA
ECDH
AES(128)
SHA1
HW
accelerated
Page 11
AES128-GCM-SHA256
RSA
RSA
AESGCM
(128)
AEAD
AES128-SHA256
RSA
RSA
AES(128)
SHA256
AES128-SHA
RSA
RSA
AES(128)
SHA1
SEED-SHA
RSA
RSA
SHA1
CAMELLIA128-SHA
RSA
RSA
SEED(128)
Camellia
(128)
SHA1
ECDHE-RSA-RC4-SHA
ECDH
RSA
RC4(128)
SHA1
ECDHE-ECDSA-RC4-SHA
ECDH
ECDSA
RC4(128)
SHA1
ECDH-RSA-RC4-SHA
ECDH/RSA
ECDH
RC4(128)
SHA1
ECDH-ECDSA-RC4-SHA
ECDH/ECDSA
ECDH
RC4(128)
SHA1
RC4-SHA
RSA
RSA
RC4(128)
SHA1
RC4-MD5
RSA
RSA
RC4(128)
MD5
ECDH
RSA
3DES(168)
SHA1
ECDH
ECDSA
3DES(168)
SHA1
ECDH/RSA
ECDH
3DES(168)
SHA1
ECDH/ECDSA
ECDH
3DES(168)
SHA1
DES-CBC3-SHA
RSA
RSA
3DES(168)
SHA1
DES-CBC-SHA
RSA
RSA
SHA1
DH
RSA
DES(56)
AESGCM
(256)
AEAD
DH
RSA
AES(256)
SHA256
DHE-RSA-AES256-SHA
DH
RSA
SHA1
DH
RSA
SHA1
DH
RSA
AES(256)
Camellia
(256)
AESGCM
(128)
AEAD
DH
RSA
AES(128)
SHA256
DHE-RSA-AES128-SHA
DH
RSA
AES(128)
SHA1
DHE-RSA-SEED-SHA
DH
RSA
SHA1
DH
RSA
SEED(128)
Camellia
(128)
SHA1
DH
RSA
3DES(168)
SHA1
EDH-RSA-DES-CBC-SHA
DH
RSA
DES(56)
SHA1
EXP-DES-CBC-SHA
RSA(512)
RSA
DES(40)
SHA1 export
EXP-RC4-MD5
RSA(512)
RSA
RC4(40)
MD5 export
EXP-EDH-RSA-DES-CBC-SHA
DH(512)
RSA
DES(40)
SHA1 export
Page 12
Table 5 TLSv1.2 Cipher Suites

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
Enc
Symmetric
Encryption
Algorithm
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
TLS
v1.2
ECDH
RSA
AESGCM (256)
AEAD
ECDH
ECDSA
AESGCM (256)
AEAD
ECDH
RSA
AES(256)
SHA384
ECDH
ECDSA
AES(256)
SHA384
ECDH/RSA
ECDH
AESGCM (256)
AEAD
ECDH/ECDSA
ECDH
AESGCM (256)
AEAD
ECDH/RSA
ECDH
AES(256)
SHA384
ECDH/ECDSA
ECDH
AES(256)
SHA384
AES256-GCM-SHA384
RSA
RSA
AESGCM (256)
AEAD
AES256-SHA256
RSA
RSA
AES(256)
SHA256
ECDH
RSA
AESGCM (128)
AEAD
ECDH
ECDSA
AESGCM (128)
AEAD
ECDH
RSA
AES(128)
SHA256
ECDH
ECDSA
AES(128)
SHA256
ECDH/RSA
ECDH
AESGCM (128)
AEAD
ECDH/ECDSA
ECDH
AESGCM (128)
AEAD
ECDH/RSA
ECDH
AES(128)
SHA256
ECDH/ECDSA
ECDH
AES(128)
SHA256
AES128-GCM-SHA256
RSA
RSA
AESGCM (128)
AEAD
AES128-SHA256
RSA
RSA
AES(128)
SHA256
DH
RSA
AESGCM (256)
AEAD
DH
RSA
AES(256)
SHA256
DH
None
AESGCM (256)
AEAD
ADH-AES256-SHA256
DH
None
AES(256)
SHA256
DH
RSA
AESGCM (128)
AEAD
DH
RSA
AES(128)
SHA256
DH
None
AESGCM(128)
AEAD
ADH-AES128-SHA256
DH
None
AES(128)
SHA256
HW
accelerated
Page 13
Table 6 - Low Cipher Suites

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
Enc
Symmetric
Encryption
Algorithm
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
HW
accelerated
TLS
v1.2
RC4-SHA
RSA
RSA
RC4(128)
SHA1
RC4-MD5
RSA
RSA
RC4(128)
MD5
DES-CBC-SHA
RSA
RSA
DES(56)
SHA1
EDH-RSA-DES-CBC-SHA
DH
RSA
DES(56)
SHA1
ADH-DES-CBC-SHA
DH
None
DES(56)
SHA1
Table 7 Medium Cipher Suites

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
Enc
Symmetric
Encryption
Algorithm
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
HW
accelerated
TLS
v1.2
SEED-SHA
RSA
RSA
SEED(128)
SHA1
ECDHE-RSA-RC4-SHA
ECDH
RSA
RC4(128)
SHA1
ECDHE-ECDSA-RC4-SHA
ECDH
ECDSA
RC4(128)
SHA1
AECDH-RC4-SHA
ECDH
None
RC4(128)
SHA1
ECDH-RSA-RC4-SHA
ECDH
RC4(128)
SHA1
ECDH-ECDSA-RC4-SHA
ECDH/RSA
ECDH/ECDS
A
ECDH
RC4(128)
SHA1
RC4-SHA
RSA
RSA
RC4(128)
SHA1
RC4-MD5
RSA
RSA
RC4(128)
MD5
DHE-RSA-SEED-SHA
DH
RSA
SEED(128)
SHA1
ADH-SEED-SHA
DH
None
SEED(128)
SHA1
ADH-RC4-MD5
DH
None
RC4(128)
MD5
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
TLS
v1.2
AEAD
AEAD
SHA384
Table 8 High Cipher Suites

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
ECDH
RSA
ECDH
ECDSA
Enc
Symmetric
Encryption
Algorithm
AESGCM
(256)
AESGCM
(256)
ECDH
RSA
AES(256)
HW
accelerated
Page 14
ECDH
ECDSA
AES(256)
SHA384
ECDH
RSA
AES(256)
SHA1
ECDH
ECDSA
AES(256)
SHA1
AECDH-AES256-SHA
ECDH
None
SHA1
ECDH/RSA
ECDH
AEAD
ECDH/ECDSA
ECDH
AES(256)
AESGCM
(256)
AESGCM
(256)
AEAD
ECDH/RSA
ECDH
AES(256)
SHA384
ECDH/ECDSA
ECDH
AES(256)
SHA384
ECDH-RSA-AES256-SHA
ECDH/RSA
ECDH
AES(256)
SHA1
ECDH/ECDSA
ECDH
SHA1
AES256-GCM-SHA384
RSA
RSA
AES(256)
AESGCM
(256)
AEAD
AES256-SHA256
RSA
RSA
AES(256)
SHA256
AES256-SHA
RSA
RSA
SHA1
CAMELLIA256-SHA
RSA
RSA
SHA1
ECDH
RSA
AEAD
ECDH
ECDSA
AES(256)
Camellia
(256)
AESGCM
(128)
AESGCM
(128)
AEAD
ECDH
RSA
AES(128)
SHA256
ECDH
ECDSA
AES(128)
SHA256
ECDH
RSA
AES(128)
SHA1
ECDH
ECDSA
AES(128)
SHA1
AECDH-AES128-SHA
ECDH
None
SHA1
ECDH/RSA
ECDH
AEAD
ECDH/ECDSA
ECDH
AES(128)
AESGCM
(128)
AESGCM
(128)
AEAD
ECDH/RSA
ECDH
AES(128)
SHA256
ECDH/ECDSA
ECDH
AES(128)
SHA256
ECDH-RSA-AES128-SHA
ECDH/RSA
ECDH
AES(128)
SHA1
ECDH/ECDSA
ECDH
SHA1
AES128-GCM-SHA256
RSA
RSA
AES(128)
AESGCM
(128)
AEAD
AES128-SHA256
RSA
RSA
AES(128)
SHA256
AES128-SHA
RSA
RSA
SHA1
CAMELLIA128-SHA
RSA
RSA
AES(128)
Camellia
(128)
SHA1
ECDH
RSA
3DES(168)
SHA1
ECDH
ECDSA
3DES(168)
SHA1
Page 15
AECDH-DES-CBC3-SHA
ECDH
None
3DES(168)
SHA1
ECDH/RSA
ECDH
3DES(168)
SHA1
ECDH/ECDSA
ECDH
3DES(168)
SHA1
DES-CBC3-SHA
RSA
RSA
SHA1
DH
RSA
3DES(168)
AESGCM
(256)
AEAD
DH
RSA
AES(256)
SHA256
DHE-RSA-AES256-SHA
DH
RSA
SHA1
DH
RSA
SHA1
DH
None
AES(256)
Camellia
(256)
AESGCM
(256)
AEAD
ADH-AES256-SHA256
DH
None
AES(256)
SHA256
ADH-AES256-SHA
DH
None
SHA1
ADH-CAMELLIA256-SHA
DH
None
SHA1
DH
RSA
AES(256)
Camellia
(256)
AESGCM
(128)
AEAD
DH
RSA
AES(128)
SHA256
DHE-RSA-AES128-SHA
DH
RSA
SHA1
DH
RSA
SHA1
DH
None
AES(128)
Camellia
(128)
AESGCM
(128)
AEAD
ADH-AES128-SHA256
DH
None
AES(128)
SHA256
ADH-AES128-SHA
DH
None
SHA1
ADH-CAMELLIA128-SHA
DH
None
AES(128)
Camellia
(128)
SHA1
DH
RSA
3DES(168)
SHA1
ADH-DES-CBC3-SHA
DH
None
3DES(168)
SHA1
Table 9 EC Ciphers
Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
Enc
Symmetric
Encryption
Algorithm
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
TLS
v1.2
AECDH-AES128-SHA
ECDH
None
AES(128)
SHA1
AECDH-AES256-SHA
ECDH
None
AES(256)
SHA1
AECDH-DES-CBC3-SHA
ECDH
None
3DES(168)
SHA1
AECDH-NULL-SHA
ECDH
None
None
SHA1
AECDH-RC4-SHA
ECDH
None
SHA1
ECDH/ECDSA
ECDH
RC4(128)
AESGCM
(128)
AEAD
HW
accelerated
Page 16
ECDH/ECDSA
ECDH
AES(128)
SHA1
ECDH/ECDSA
ECDH
SHA256
ECDH/ECDSA
ECDH
AES(128)
AESGCM
(256)
AEAD
ECDH/ECDSA
ECDH
AES(256)
SHA1
ECDH/ECDSA
ECDH
AES(256)
SHA384
ECDH/ECDSA
ECDH
3DES(168)
SHA1
ECDH-ECDSA-NULL-SHA
ECDH/ECDSA
ECDH
None
SHA1
ECDH-ECDSA-RC4-SHA
ECDH/ECDSA
ECDH
SHA1
ECDH
ECDSA
RC4(128)
AESGCM
(128)
AEAD
ECDH
ECDSA
AES(128)
SHA1
ECDH
ECDSA
SHA256
ECDH
ECDSA
AES(128)
AESGCM
(256)
AEAD
ECDH
ECDSA
AES(256)
SHA1
ECDH
ECDSA
AES(256)
SHA384
ECDH
ECDSA
3DES(168)
SHA1
ECDHE-ECDSA-NULL-SHA
ECDH
ECDSA
None
SHA1
ECDHE-ECDSA-RC4-SHA
ECDH
ECDSA
SHA1
ECDH
RSA
RC4(128)
AESGCM
(128)
AEAD
ECDH
RSA
AES(128)
SHA1
ECDH
RSA
SHA256
ECDH
RSA
AES(128)
AESGCM
(256)
AEAD
ECDH
RSA
AES(256)
SHA1
ECDH
RSA
AES(256)
SHA384
ECDH
RSA
3DES(168)
SHA1
ECDHE-RSA-NULL-SHA
ECDH
RSA
None
SHA1
ECDHE-RSA-RC4-SHA
ECDH
RSA
RC4(128)
SHA1
Enc
Symmetric
Encryption
Algorithm
AESGCM
(128)
AESGCM
(256)
Mac
Digest
Algorithm
Protocols Supported
(Software)
SSL
TLS
TLS
v3
v1.0
v1.1
TLS
v1.2
AEAD
AEAD
Table 10 GCM Ciphers

Cipher Suite
Kx
Key
Exchange
Algorithm
Au
Authentication
Algorithm
DH
None
DH
None
HW
accelerated
Page 17
AES128-GCM-SHA256
RSA
RSA
AES256-GCM-SHA384
RSA
RSA
DH
RSA
DH
RSA
ECDH/ECDSA
ECDH
ECDH/ECDSA
ECDH
ECDH
ECDSA
ECDH
ECDSA
ECDH
RSA
ECDH
RSA
AESGCM
(128)
AESGCM
(256)
AESGCM
(128)
AESGCM
(256)
AESGCM
(128)
AESGCM
(256)
AESGCM
(128)
AESGCM
(256)
AESGCM
(128)
AESGCM
(256)
AEAD
AEAD
AEAD
AEAD
AEAD
AEAD
AEAD
AEAD
AEAD
AEAD
Page 18
North America
International
Radware Inc.
Radware Ltd.
575 Corporate Drive
22 Raoul Wallenberg St.
Mahwah, NJ 07430
Tel Aviv 69710, Israel
Tel: +1-888-234-5763
Tel: +972 3 766 8666
2015 Radware, Ltd. All Rights Reserved. Radware and all other Radware product and service names are registered
trademarks of Radware in the U.S. and other countries. All other trademarks and names are the property of their respective
owners.
Page 19

Cipher List 30 2 1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cipher List 30 2 1

Uploaded by

Copyright:

Available Formats

Cipher Suites Supported by Alteon

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Cipher Suites Overview, page 2143

Cipher Suites Used by Alteon, page 2144

Cipher Suite Tables, page 2145

Cipher Suites Overview

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

AESAdvanced Encryption Standard

DESData Encryption Standard

DSSDigital Signature Standard

MD5Message Digest algorithm

RC2, RC4Rivest encryption

SHASecure Hash algorithm

3DESDES applied three times

Cipher Suites Used by Alteon

ALLAll cipher suites.

RSA (Default)Cipher suite using RSA key exchange.

PCI DSS CompliancePayment Card Industry Data Security Standard.

SSLv3SSL v3.0 cipher suites.

TLSv1TLS v1.0 cipher suites.

TLSv1.2TLS v1.2 cipher suites.

ExportExport encryption algorithms including 40 and 56 bit.

LowLow exception cipher suites, currently using 64 or 56 bit encryption algorithms

MediumMedium encryption cipher suites, currently using 128 bit encryption.

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

RSA:AES-128:SHA1Cipher suite using RSA key exchange, 128-bit AES for

RSA:AES-256:SHA1Cipher suite using RSA key exchange, 256-bit AES for

Cipher Suite Tables

Table 1 - All Cipher Suites

Table 2 - RSA (Default) Cipher Suites

Table 3 PCI DSS Compliance Cipher Suites

Table 4 All Non-Null Cipher Suites

Table 5 TLSv1.2 Cipher Suites

Table 6 - Low Cipher Suites

Table 7 Medium Cipher Suites

Table 8 High Cipher Suites

Table 10 GCM Ciphers

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Table 1 - All Cipher Suites

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Table 2 - RSA (Default) Cipher Suites

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Table 3 PCI DSS Compliance Cipher Suites

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Table 4 All Non-Null Cipher Suites

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Table 5 TLSv1.2 Cipher Suites

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Table 6 - Low Cipher Suites

Table 7 Medium Cipher Suites

Table 8 High Cipher Suites

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Table 10 GCM Ciphers

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

Cipher Suites Supported by Alteon Version 30.2.1-issue 2

575 Corporate Drive

22 Raoul Wallenberg St.

Tel Aviv 69710, Israel