
I have lately been reading about cipher suites and how they work. I figured out how they work in web servers, and there is a doubt regarding the prefixes used in the order.

How are RC4-SHA and RC4+SHA different?

Can anyone give a better explanation of how the prefixes work?

KESHAV K
  • Could you give an example where you're seeing these values used? Are they from mod_ssl config, for example? – Matthew Jul 16 '18 at 11:09

1 Answer


From the documentation:

CIPHER LIST FORMAT
...
It can consist of a single cipher suite such as RC4-SHA.
...
Lists of cipher suites can be combined in a single cipher string using the + character. This is used as a logical and operation. For example SHA1+DES represents all cipher suites containing the SHA1 and the DES algorithms.

Thus, RC4-SHA is the RC4-SHA cipher, also known as TLS_RSA_WITH_RC4_128_SHA:

$ openssl ciphers -V 'RC4-SHA'
  0x00,0x05 - RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1

RC4+SHA instead contains all ciphers which use RC4 encryption with SHA1 as MAC, i.e.

$ openssl ciphers -V 'SHA+RC4'
  0xC0,0x11 - ECDHE-RSA-RC4-SHA       SSLv3 Kx=ECDH     Au=RSA  Enc=RC4(128)  Mac=SHA1
  0xC0,0x07 - ECDHE-ECDSA-RC4-SHA     SSLv3 Kx=ECDH     Au=ECDSA Enc=RC4(128)  Mac=SHA1
  0xC0,0x16 - AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
  0xC0,0x0C - ECDH-RSA-RC4-SHA        SSLv3 Kx=ECDH/RSA Au=ECDH Enc=RC4(128)  Mac=SHA1
  0xC0,0x02 - ECDH-ECDSA-RC4-SHA      SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=RC4(128)  Mac=SHA1
  0x00,0x05 - RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
  0x00,0x8A - PSK-RC4-SHA             SSLv3 Kx=PSK      Au=PSK  Enc=RC4(128)  Mac=SHA1
Steffen Ullrich
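
A small model of the two selection rules quoted in the answer above, useful when auditing what a configured cipher string actually enables. This is an added example, not part of the original answer and not OpenSSL's own code. The alias table is a simplified assumption covering only the RC4, SHA and SHA1 keywords, and the last two sample lines (RC4-MD5, AES128-SHA) are added here so that the AND has something to exclude.

```python
import re

# First seven lines: `openssl ciphers -V` output quoted in the answer above.
# Last two lines: added for this example, not taken from the answer.
SAMPLE = """\
0xC0,0x11 - ECDHE-RSA-RC4-SHA       SSLv3 Kx=ECDH     Au=RSA  Enc=RC4(128)  Mac=SHA1
0xC0,0x07 - ECDHE-ECDSA-RC4-SHA     SSLv3 Kx=ECDH     Au=ECDSA Enc=RC4(128)  Mac=SHA1
0xC0,0x16 - AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
0xC0,0x0C - ECDH-RSA-RC4-SHA        SSLv3 Kx=ECDH/RSA Au=ECDH Enc=RC4(128)  Mac=SHA1
0xC0,0x02 - ECDH-ECDSA-RC4-SHA      SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=RC4(128)  Mac=SHA1
0x00,0x05 - RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
0x00,0x8A - PSK-RC4-SHA             SSLv3 Kx=PSK      Au=PSK  Enc=RC4(128)  Mac=SHA1
0x00,0x04 - RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
0x00,0x2F - AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
"""

# Simplified alias table (assumption: only the keywords used on this page).
ALIASES = {"RC4": ("Enc", "RC4"), "SHA": ("Mac", "SHA1"), "SHA1": ("Mac", "SHA1")}
LINE = re.compile(r"^\s*0x[0-9A-F]{2},0x[0-9A-F]{2}\s+-\s+(\S+)\s+\S+\s+(.*)$", re.M)

def parse(text):
    """Parse `openssl ciphers -V` lines into {suite name: {field: value}}."""
    suites = {}
    for m in LINE.finditer(text):
        name, rest = m.groups()
        fields = dict(kv.split("=", 1) for kv in rest.split())
        fields["Enc"] = fields["Enc"].split("(")[0]  # RC4(128) -> RC4
        suites[name] = fields
    return suites

def select(term, suites):
    """Suites matched by one cipher-string term; pieces joined by '+' are ANDed."""
    matched = set(suites)
    for piece in term.split("+"):
        if piece in suites:  # a complete suite name such as RC4-SHA
            hit = {piece}
        elif piece in ALIASES:  # a keyword: every suite with that property
            field, value = ALIASES[piece]
            hit = {n for n, f in suites.items() if f.get(field) == value}
        else:
            raise ValueError(f"unknown keyword: {piece}")
        matched &= hit
    return sorted(matched)

SUITES = parse(SAMPLE)

if __name__ == "__main__":
    for term in ("RC4-SHA", "RC4+SHA", "SHA+RC4", "RC4", "SHA"):
        print(f"{term:8} -> {select(term, SUITES)}")
```

On a real host, `openssl ciphers -V '<string>'` as shown in the answer remains the authoritative expansion, since the result depends on the installed OpenSSL build.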