Secure Cipher Suite

IANA name:

TLS_DHE_RSA_WITH_AES_128_CCM_8

OpenSSL name:

DHE-RSA-AES128-CCM8

GnuTLS name:

TLS_DHE_RSA_AES_128_CCM_8

Hex code:

0xC0, 0xA2

TLS Version(s):

TLS1.2, TLS1.3

---

Protocol:

Transport Layer Security (TLS)

Key Exchange:

PFS Diffie-Hellman Ephemeral (DHE)

Authentication:

Rivest Shamir Adleman algorithm (RSA)

RSA Authentication:

There are reports that servers using the RSA authentication algorithm with keys longer than 3072-bit may experience heavy performance issues leading to connection timeouts and even service unavailability if many clients open simultaneous connections.

Encryption:

AEAD Advanced Encryption Standard with 128bit key in Counter with CBC-MAC mode with 8-Octet ICV (AES 128 CCM 8)

Hash:

Secure Hash Algorithm 256 (SHA256)

---

Included in RFC:

• RFC 6655

Machine-readable:

application/json