diff options
Diffstat (limited to 'manual/html_node/Encryption-algorithms-used-in-the-record-layer.html')
-rw-r--r-- | manual/html_node/Encryption-algorithms-used-in-the-record-layer.html | 235 |
1 files changed, 0 insertions, 235 deletions
diff --git a/manual/html_node/Encryption-algorithms-used-in-the-record-layer.html b/manual/html_node/Encryption-algorithms-used-in-the-record-layer.html deleted file mode 100644 index 018061b4db..0000000000 --- a/manual/html_node/Encryption-algorithms-used-in-the-record-layer.html +++ /dev/null @@ -1,235 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<html> -<!-- This manual is last updated 4 March 2015 for version -3.5.4 of GnuTLS. - -Copyright (C) 2001-2015 Free Software Foundation, Inc.\\ -Copyright (C) 2001-2015 Nikos Mavrogiannopoulos - -Permission is granted to copy, distribute and/or modify this document -under the terms of the GNU Free Documentation License, Version 1.3 or -any later version published by the Free Software Foundation; with no -Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A -copy of the license is included in the section entitled "GNU Free -Documentation License". --> -<!-- Created by GNU Texinfo 6.1, http://www.gnu.org/software/texinfo/ --> -<head> -<title>GnuTLS 3.5.4: Encryption algorithms used in the record layer</title> - -<meta name="description" content="GnuTLS 3.5.4: Encryption algorithms used in the record layer"> -<meta name="keywords" content="GnuTLS 3.5.4: Encryption algorithms used in the record layer"> -<meta name="resource-type" content="document"> -<meta name="distribution" content="global"> -<meta name="Generator" content="makeinfo"> -<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> -<link href="index.html#Top" rel="start" title="Top"> -<link href="Function-and-Data-Index.html#Function-and-Data-Index" rel="index" title="Function and Data Index"> -<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents"> -<link href="The-TLS-record-protocol.html#The-TLS-record-protocol" rel="up" title="The TLS record protocol"> -<link href="Compression-algorithms-used-in-the-record-layer.html#Compression-algorithms-used-in-the-record-layer" rel="next" title="Compression algorithms used in the record layer"> -<link href="The-TLS-record-protocol.html#The-TLS-record-protocol" rel="prev" title="The TLS record protocol"> -<style type="text/css"> -<!-- -a.summary-letter {text-decoration: none} -blockquote.indentedblock {margin-right: 0em} -blockquote.smallindentedblock {margin-right: 0em; font-size: smaller} -blockquote.smallquotation {font-size: smaller} -div.display {margin-left: 3.2em} -div.example {margin-left: 3.2em} -div.lisp {margin-left: 3.2em} -div.smalldisplay {margin-left: 3.2em} -div.smallexample {margin-left: 3.2em} -div.smalllisp {margin-left: 3.2em} -kbd {font-style: oblique} -pre.display {font-family: inherit} -pre.format {font-family: inherit} -pre.menu-comment {font-family: serif} -pre.menu-preformatted {font-family: serif} -pre.smalldisplay {font-family: inherit; font-size: smaller} -pre.smallexample {font-size: smaller} -pre.smallformat {font-family: inherit; font-size: smaller} -pre.smalllisp {font-size: smaller} -span.nolinebreak {white-space: nowrap} -span.roman {font-family: initial; font-weight: normal} -span.sansserif {font-family: sans-serif; font-weight: normal} -ul.no-bullet {list-style: none} -body { - margin: 2%; - padding: 0 5%; - background: #ffffff; -} -h1,h2,h3,h4,h5 { - font-weight: bold; - padding: 5px 5px 5px 5px; - background-color: #c2e0ff; - color: #336699; -} -h1 { - padding: 2em 2em 2em 5%; - color: white; - background: #336699; - text-align: center; - letter-spacing: 3px; -} -h2 { text-decoration: underline; } -pre { - margin: 0 5%; - padding: 0.5em; -} -pre.example,pre.verbatim { - padding-bottom: 1em; - - border: solid #c2e0ff; - background: #f0faff; - border-width: 1px 1px 1px 5px; - margin: 1em auto; - width: 90%; -} - -div.node { - margin: 0 -5% 0 -2%; - padding: 0.5em 0.5em; - margin-top: 0.5em; - margin-bottom: 0.5em; - font-weight: bold; -} -dd, li { - padding-top: 0.1em; - padding-bottom: 0.1em; -} -div.float { - - margin-bottom: 0.5em; - text-align: center; -} - -table { - text-align: left; - margin-left:auto; - margin-right:auto; - border-spacing: 7px; - width: 50%; -} - -th { - padding: 0; - color: #336699; - background-color: #c2e0ff; - border: solid #000000; - border-width: 0px; - margin: 1em auto; - text-align: center; - margin-left:auto; - margin-right:auto; -} - -td { - padding: 0; - border: solid #000000; - background-color: #f0faff; - border-width: 0px; - margin: 1em auto; - text-align: left; - margin-left:auto; - margin-right:auto; - padding-left: 1em; -} - -dl { - text-align: left; - margin-left:auto; - margin-right:auto; - width: 50%; - - padding-left: 1em; - border: solid #c2e0ff; - background: #f0faff; - border-width: 5px 1px 1px 1px; - margin: 1em auto; -} - ---> -</style> - - -</head> - -<body lang="en"> -<a name="Encryption-algorithms-used-in-the-record-layer"></a> -<div class="header"> -<p> -Next: <a href="Compression-algorithms-used-in-the-record-layer.html#Compression-algorithms-used-in-the-record-layer" accesskey="n" rel="next">Compression algorithms used in the record layer</a>, Up: <a href="The-TLS-record-protocol.html#The-TLS-record-protocol" accesskey="u" rel="up">The TLS record protocol</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p> -</div> -<hr> -<a name="Encryption-algorithms-used-in-the-record-layer-1"></a> -<h4 class="subsection">3.3.1 Encryption algorithms used in the record layer</h4> -<a name="index-symmetric-encryption-algorithms"></a> - -<p>Confidentiality in the record layer is achieved by using symmetric -block encryption algorithms like <code>3DES</code>, <code>AES</code> -or stream algorithms like <code>ARCFOUR_128</code>. - Ciphers are encryption algorithms that use a single, secret, -key to encrypt and decrypt data. Block algorithms in CBC mode also provide -protection against statistical analysis of the data. Thus, if you’re -using the <acronym>TLS</acronym> protocol, a random number of blocks will be -appended to data, to prevent eavesdroppers from guessing the actual -data size. -</p> -<p>The supported in <acronym>GnuTLS</acronym> ciphers and MAC algorithms are shown in <a href="#tab_003aciphers">Table 3.1</a> and -<a href="#tab_003amacs">Table 3.2</a>. -</p> -<div class="float"><a name="tab_003aciphers"></a> -<table> -<thead><tr><th width="20%">Algorithm</th><th width="70%">Description</th></tr></thead> -<tr><td width="20%">AES_CBC</td><td width="70%">AES or RIJNDAEL is the block cipher algorithm that replaces the old -DES algorithm. Has 128 bits block size and is used in CBC mode.</td></tr> -<tr><td width="20%">AES_GCM</td><td width="70%">This is the AES algorithm in the authenticated encryption GCM mode. -This mode combines message authentication and encryption and can -be extremely fast on CPUs that support hardware acceleration.</td></tr> -<tr><td width="20%">AES_CCM</td><td width="70%">This is the AES algorithm in the authenticated encryption CCM mode. -This mode combines message authentication and encryption and is -often used by systems without AES or GCM acceleration support.</td></tr> -<tr><td width="20%">AES_CCM_8</td><td width="70%">This is the AES algorithm in the authenticated encryption CCM mode -with a truncated to 64-bit authentication tag. This mode is for -communication with restricted systems.</td></tr> -<tr><td width="20%">CAMELLIA_CBC</td><td width="70%">This is an 128-bit block cipher developed by Mitsubishi and NTT. It -is one of the approved ciphers of the European NESSIE and Japanese -CRYPTREC projects.</td></tr> -<tr><td width="20%">CHACHA20_POLY1305</td><td width="70%">CHACHA20-POLY1305 is an authenticated encryption algorithm based on CHACHA20 cipher and -POLY1305 MAC. CHACHA20 is a refinement of SALSA20 algorithm, an approved cipher by -the European ESTREAM project. POLY1305 is Wegman-Carter, one-time authenticator. The -combination provides a fast stream cipher suitable for systems where a hardware AES -accelerator is not available.</td></tr> -<tr><td width="20%">3DES_CBC</td><td width="70%">This is the DES block cipher algorithm used with triple -encryption (EDE). Has 64 bits block size and is used in CBC mode.</td></tr> -<tr><td width="20%">ARCFOUR_128</td><td width="70%">ARCFOUR-128 is a compatible algorithm with RSA’s RC4 algorithm, which is considered to be a trade -secret. It is a fast cipher but considered weak today, and thus it is not enabled by default.</td></tr> -</table> - -<div class="float-caption"><p><strong>Table 3.1: </strong>Supported ciphers in TLS.</p></div></div> - -<div class="float"><a name="tab_003amacs"></a> -<table> -<thead><tr><th width="20%">Algorithm</th><th width="70%">Description</th></tr></thead> -<tr><td width="20%">MAC_MD5</td><td width="70%">This is an HMAC based on MD5 a cryptographic hash algorithm designed -by Ron Rivest. Outputs 128 bits of data.</td></tr> -<tr><td width="20%">MAC_SHA1</td><td width="70%">An HMAC based on the SHA1 cryptographic hash algorithm -designed by NSA. Outputs 160 bits of data.</td></tr> -<tr><td width="20%">MAC_SHA256</td><td width="70%">An HMAC based on SHA2-256. Outputs 256 bits of data.</td></tr> -<tr><td width="20%">MAC_SHA384</td><td width="70%">An HMAC based on SHA2-384. Outputs 384 bits of data.</td></tr> -<tr><td width="20%">MAC_AEAD</td><td width="70%">This indicates that an authenticated encryption algorithm, such as -GCM, is in use.</td></tr> -</table> - -<div class="float-caption"><p><strong>Table 3.2: </strong>Supported MAC algorithms in TLS.</p></div></div> - -<hr> -<div class="header"> -<p> -Next: <a href="Compression-algorithms-used-in-the-record-layer.html#Compression-algorithms-used-in-the-record-layer" accesskey="n" rel="next">Compression algorithms used in the record layer</a>, Up: <a href="The-TLS-record-protocol.html#The-TLS-record-protocol" accesskey="u" rel="up">The TLS record protocol</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p> -</div> - - - -</body> -</html> |