In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code.
Questions tagged [ciphers]
141 questions
28
votes
4 answers
Do you rather trust a widely adopted algorithm or an underdog if they're cryptoanalytically on a level playingfield?
If it comes to the security a hashing or encryption algorithm provides, we never know the full story. There's that part that we (respectively the public research) understand and can reason about, but we also know that there might be weaknesses we do…
matthias_buehlmann
- 565
- 4
- 12
23
votes
6 answers
Why does IV not need to be secret in AES CBC encryption?
According to Wikipedia, the initialization vector (IV) does not have to be secret, when using the CBC mode of operation. Here is the schema of CBC encryption (also from Wikipedia):
What if I encrypt a plaintext file, where the first block has a…
Martin Vegter
- 1,826
- 4
- 27
- 39
18
votes
1 answer
How do I know which cipher suites can be disabled?
I have just performed a test on my personal webiste via SSLlabs.com and I'm apparently supporting some weaker ciphers. I've managed to improve several settings (like CAA), but I'm getting stuck at the ciphers.
I've been looking around a bit, but…
Martijn
- 359
- 1
- 2
- 9
17
votes
3 answers
Is there a cipher suite "translator"
I have a list of cipher suites in this format:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384
Is there a fast, easy way of translating it to more human readable/management readable format? :)
mancuss
- 303
- 2
- 6
12
votes
2 answers
What is the most robust available algo for GPG symmetric encryption?
What is the most robust available algo for GPG symmetric encryption (given as argument of --cipher-algo)?
Possible ciphers:
IDEA
3DES
CAST5
BLOWFISH
AES
AES192
AES256
TWOFISH
CAMELLIA128
CAMELLIA192
CAMELLIA256
user123456
- 520
- 1
- 4
- 13
11
votes
2 answers
TLS 1.2 and enable only AEAD ciphers suite list
A company have made a vulnerability scan and give us a report that, recommends to use TLS 1.2 and enable only AEAD ciphers suite, but they aren't giving more information about what I need to achieve this.
I haven't found the list of this ciphers…
kimo pryvt
- 469
- 4
- 6
- 12
8
votes
2 answers
Why is the BCrypt text "OrpheanBeholderScryDoubt"
I'm looking for a reference about the weird initial BCrypt text "OrpheanBeholderScryDoubt"
Why was this string used?
Would using 192 zeros or ones not have worked well in practice for some reason?
Was that just four random dictionary words…
wim
- 623
- 1
- 5
- 18
8
votes
3 answers
What are the 'P' values in some cipher string?
Most of the cipher strings I see are in the format:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
However, I've come across workstations with…
user58446
- 513
- 6
- 13
8
votes
3 answers
Chrome browser reports obsolete cipher (AES_256_CBC with HMAC-SHA1)
Jboss 6 server is configured to support these…
user133283
- 91
- 1
- 1
- 4
7
votes
1 answer
Google Chrome weird random Cipher Suite
This websites gives you information on the SSL cipher suites your browser supports for securing HTTPS connections.
If you browse it with Google Chrome, you'll probably see some weird Cipher Suites in your browser supported Cipher Suites list.…
Ebrahim Ghasemi
- 264
- 2
- 10
7
votes
2 answers
Is Telegram E2E Still Insecure?
This was already asked here, but I have questions about the answer.
https://security.stackexchange.com/a/49802/118071
I'm not sure if that answer applies to the full E2E mode. Another answer states:
Diffie-Hellman End-to-end encryption is known to…
Jesse Adam
- 167
- 1
- 5
7
votes
1 answer
Is the order of cipher suites related to the client's preferences ?
I am wondering if the order in which the cipher suites appear (from top to bottom) in the ClientHello message, and the client preference are relevant. So for example in the picture I have attached, is TLS_RSA_WITH_RC4_128_MD5 the most preferred…
Irene Ant
- 659
- 7
- 19
7
votes
1 answer
Openssl ciphers list sorting and removing
I was playing with a ciphers app to create example list of suites.
Looking at the website (https://openssl.org/docs/manmaster/apps/ciphers.html) if I run one of the examples there:
openssl ciphers -v '3DES:+RSA'
I supposed to get a list of 3DES…
Daniel Gruszczyk
- 173
- 1
- 5
6
votes
3 answers
Qualys SSL Scan weak cipher suites which are secure according to ciphersuite.info
I am testing my application SSL configuration in Qualys SSL Labs and as a result, I have this cipher suites labeled as weak:
But according to https://ciphersuite.info/ all of these cipher suites are secure or even recommended.
How should I…
user187205
- 1,163
- 3
- 15
- 24
6
votes
2 answers
Role of the chosen ciphersuite in an SSL/TLS connection
When it comes to a secure TLS configuration (e.g. for HTTPS), the topic is prominently about the supported cipher suites.
I want to fully understand which part of the cipher suite has which role in a SSL/TLS connection.
So from what I understand it…
SaAtomic
- 989
- 2
- 15
- 27