Selecting Cipher Suites


Selecting Cipher Suites

During cipher suite negotiation, HostExplorer and the server decide on a cipher suite that they both can support. This includes:

  • the key exchange algorithm (for example, Diffie Hellman)
  • the encryption algorithm (for example, 3DES_EDE_CBC)
  • the cipher suite that will used to transfer data
  • the message digest used to determine whether the message was altered

A breakdown of the cipher suite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA is as follows:

  • TLS—TLS-based cipher suite
  • DH—uses the Diffie Hellman algorithm for key exchange
  • RSA—uses RSA for authentication (server and possibly client)
  • 3DES_EDE_CBC—uses the 3DES_EDE_CBC algorithm for symmetric encryption
  • SHA—uses the Secure Hash Algorithm (SHA) algorithm for message digest calculations

HostExplorer offers a wide variety of cipher suites. The available ciphers vary depending on the version of SSL/TLS that you are using (version 2, 3, or both).

  The server to which you are connecting may only support certain cipher suites. Therefore, if you select specific cipher suites, and the server does not support any of them, the connection may not be established. If this occurs, select all of the available cipher suites and retry the connection.

To select a cipher suite to use for data encryption/decryption:

  1. On the Options menu, click Session Properties. The Session Profile dialog box opens.
  2. Expand the Security folder, and click the General category.
  3. Select the SSL/TLS option.
  4. Click the SSL/TLS tab.
  5. In the Version list, select the version of SSL/TLS that you want to use.
  6. Click Select Cipher Suites. The SSL TLS Ciphers dialog box opens corresponding to the SSL/TLS version that you specified.
  1. By default, the Use Default Ciphers check box is automatically selected. This indicates that you want to use only the default ciphers available on your machine. However, you have the choice of selecting specific ciphers.

    Tip:  If you want to select all the ciphers in the list, click Select All. To clear the list, click Clear All.

  2. Click OK.

Related Topics

SSL/TLS Ciphers Dialog Box