Insecure Cipher Suite

IANA name:

TLS_PSK_WITH_NULL_SHA256

OpenSSL name:

PSK-NULL-SHA256

GnuTLS name:

TLS_PSK_NULL_SHA256

Hex code:

0x00, 0xB0

TLS Version(s):

TLS1.0, TLS1.1, TLS1.2

---

Protocol:

Transport Layer Security (TLS)

Key Exchange:

Pre-Shared Key (PSK)

Non-ephemeral Key Exchange:

This key exchange algorithm does not support Perfect Forward Secrecy (PFS) which is recommended, so attackers cannot decrypt the complete communication stream.

Authentication:

Pre-Shared Key (PSK)

Encryption:

NULL Encryption (NULL)

NULL Encryption:

This cipher suite uses no encryption at all. Hence, it is not providing confidentiality.

Hash:

HMAC Secure Hash Algorithm 256 (SHA256)

---

Included in RFC:

• RFC 5487

Machine-readable:

application/json