Description
This article describes the cipher suite TLS1.2 concept and provides an explanation of how it works.
Scope
Any Fortinet products which support cipher suite 1.2.
Solution
Cipher suites are collections of protocols and algorithms that facilitate the establishment of secure connections over networks using Transport Layer Security (TLS), commonly referred to as Secure Sockets Layer (SSL). These suites play a crucial role in securing the data exchanged between clients and servers by determining the set of encryption methods and other necessary security procedures.
When establishing a secure HTTPS connection, the web server and the client first undergo a process known as the SSL handshake. This handshake, which can be intricate, involves both parties agreeing on a cipher suite to use for their communication. Once a common cipher suite is selected, it is then used to create and maintain a secure encrypted HTTPS session.
The following illustration outlines the information provided by a cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.
Starting from left to right:
- TLS: Protocol.
- ECDHE: Key exchange algorithm.
RSA: Authentication algorithm.
- AES_128_GCM: Encryption algorithm.
- SHA256: Hash algorithm.
