RFC 3268 (rfc3268) - Page 2 of 7
Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)
Alternative Format: Original Text Document
RFC 3268 AES Ciphersuites for TLS June 2002
4. Currently the DHE ciphersuites only allow triple DES (along with
some "export" variants which do not use a satisfactory key
length). At the same time the DHE ciphersuites are the only ones
to offer forward secrecy.
This document proposes several new ciphersuites, with the aim of
overcoming these problems.
Cipher Usage
The new ciphersuites proposed here are very similar to the following,
defined in [TLS]:
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
All the ciphersuites described here use the AES in cipher block
chaining (CBC) mode. Furthermore, they use SHA-1 [SHA-1] in an HMAC
construction as described in section 5 of [TLS]. (Although the TLS
ciphersuite names include the text "SHA", this actually refers to the
modified SHA-1 version of the algorithm.)
The ciphersuites differ in the type of certificate and key exchange
method. The ciphersuites defined here use the following options for
this part of the protocol:
CipherSuite Certificate type (if applicable)
and key exchange algorithm
TLS_RSA_WITH_AES_128_CBC_SHA RSA
TLS_DH_DSS_WITH_AES_128_CBC_SHA DH_DSS
TLS_DH_RSA_WITH_AES_128_CBC_SHA DH_RSA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE_DSS
TLS_DHE_RSA_WITH_AES_128_CBC_SHA DHE_RSA
TLS_DH_anon_WITH_AES_128_CBC_SHA DH_anon
TLS_RSA_WITH_AES_256_CBC_SHA RSA
TLS_DH_DSS_WITH_AES_256_CBC_SHA DH_DSS
TLS_DH_RSA_WITH_AES_256_CBC_SHA DH_RSA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE_DSS
TLS_DHE_RSA_WITH_AES_256_CBC_SHA DHE_RSA
TLS_DH_anon_WITH_AES_256_CBC_SHA DH_anon
Chown Standards Track