0

I just wanted to know for sure that TLS 1.3 does not support DHE_EXPORT cipher suites.

warren

1 Answer

1

RFC 8446 page 133 contains the complete list of cipher suites TLS 1.3 allows.

The complete list is

          +------------------------------+-------------+
          | Description                  | Value       |
          +------------------------------+-------------+
          | TLS_AES_128_GCM_SHA256       | {0x13,0x01} |
          |                              |             |
          | TLS_AES_256_GCM_SHA384       | {0x13,0x02} |
          |                              |             |
          | TLS_CHACHA20_POLY1305_SHA256 | {0x13,0x03} |
          |                              |             |
          | TLS_AES_128_CCM_SHA256       | {0x13,0x04} |
          |                              |             |
          | TLS_AES_128_CCM_8_SHA256     | {0x13,0x05} |
          +------------------------------+-------------+

none of which are ≤56-bit security (i.e. the DHE_EXPORT list ciphers are all deprecated and have been removed). TLS 1.3 does not specify the asymmetric algorithms (for key exchange or signatures) in the cipher suite; those are specified by the supported_groups in section 4.2.7 and key_share in section 4.2.8. None of those are ≤56-bit either. The signature algorithms in section 4.2.3 are also all >56-bit security.

SAI Peregrinus
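The table in the answer above can be turned into an audit check. This is an added example, not part of the original answer: it decodes a ClientHello `cipher_suites` vector and separates the suites TLS 1.3 can negotiate from legacy DHE_EXPORT offers. The two DHE_EXPORT code points come from the IANA TLS registry rather than this page, and the function names and sample bytes are constructed for illustration.

```python
import struct

# Code points from the RFC 8446 table quoted in the answer.
TLS13_SUITES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1302: "TLS_AES_256_GCM_SHA384",
    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
    0x1304: "TLS_AES_128_CCM_SHA256",
    0x1305: "TLS_AES_128_CCM_8_SHA256",
}
# Legacy DHE_EXPORT code points (assumption: taken from the IANA registry).
DHE_EXPORT_SUITES = {
    0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def parse_cipher_suites(vector: bytes) -> list[int]:
    """Decode a cipher_suites vector: 2-byte length, then 2-byte code points."""
    if len(vector) < 2:
        raise ValueError("missing length prefix")
    (length,) = struct.unpack("!H", vector[:2])
    body = vector[2:]
    if length != len(body) or length % 2 or length == 0:
        raise ValueError("malformed cipher_suites vector")
    return list(struct.unpack(f"!{length // 2}H", body))

def audit_offer(vector: bytes) -> dict:
    """Split an offered list into TLS 1.3 suites, DHE_EXPORT suites, and the rest."""
    report = {"tls13": [], "dhe_export": [], "other": []}
    for code in parse_cipher_suites(vector):
        if code in TLS13_SUITES:
            report["tls13"].append(TLS13_SUITES[code])
        elif code in DHE_EXPORT_SUITES:
            report["dhe_export"].append(DHE_EXPORT_SUITES[code])
        else:
            report["other"].append(f"0x{code:04X}")
    return report

def valid_tls13_selection(selected: int, offered: bytes) -> bool:
    """A TLS 1.3 ServerHello must pick a suite from the table that was offered."""
    return selected in TLS13_SUITES and selected in parse_cipher_suites(offered)

# Constructed sample: two TLS 1.3 suites, one DHE_EXPORT suite, one TLS 1.2 suite.
SAMPLE_OFFER = bytes.fromhex("0008" "1301" "1303" "0014" "c02f")

if __name__ == "__main__":
    print(audit_offer(SAMPLE_OFFER))
    print(valid_tls13_selection(0x0014, SAMPLE_OFFER))
```

A DHE_EXPORT entry in the report means the peer still offers it for legacy protocol versions; it can never be the selected suite of a TLS 1.3 handshake.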