Selecting Cipher Suites
During cipher suite negotiation, HostExplorer and the server decide on a cipher suite that they both can support. This includes:
- the key exchange algorithm (for example, Diffie Hellman)
- the encryption algorithm (for example, 3DES_EDE_CBC)
- the cipher suite that will used to transfer data
- the message digest used to determine whether the message was altered
A breakdown of the cipher suite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA is as follows:
- TLS—TLS-based cipher suite
- DH—uses the Diffie Hellman algorithm for key exchange
- RSA—uses RSA for authentication (server and possibly client)
- 3DES_EDE_CBC—uses the 3DES_EDE_CBC algorithm for symmetric encryption
- SHA—uses the Secure Hash Algorithm (SHA) algorithm for message digest calculations
HostExplorer offers a wide variety of cipher suites. The available ciphers vary depending on the version of SSL/TLS that you are using (version 2, 3, or both).
To select a cipher suite to use for data encryption/decryption:
- On the Options menu, click Session Properties. The Session Profile dialog box opens.
- Expand the Security folder, and click the General category.
- Select the SSL/TLS option.
- Click the SSL/TLS tab.
- In the Version list, select the version of SSL/TLS that you want to use.
- Click Select Cipher Suites. The SSL TLS Ciphers dialog box opens corresponding to the SSL/TLS version that you specified.
- By default, the Use Default Ciphers check box is automatically selected. This indicates that you want to use only the default ciphers available on your machine. However, you have the choice of selecting specific ciphers.
Tip: If you want to select all the ciphers in the list, click Select All. To clear the list, click Clear All.
- Click OK.