Weak Cipher Suite

IANA name:

TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256

Hex code:

0xC0, 0x2D

TLS Version(s):

TLS1.2, TLS1.3

---

Protocol:

Transport Layer Security (TLS)

Key Exchange:

Elliptic Curve Diffie-Hellman (ECDH)

Non-ephemeral Key Exchange:

This key exchange algorithm does not support Perfect Forward Secrecy (PFS) which is recommended, so attackers cannot decrypt the complete communication stream.

Authentication:

Elliptic Curve Digital Signature Algorithm (ECDSA)

Encryption:

AEAD Advanced Encryption Standard with 128bit key in Galois/Counter mode (AES 128 GCM)

Hash:

Secure Hash Algorithm 256 (SHA256)

---

Included in RFC:

• RFC 5289

Machine-readable:

application/json