Cipher Suite Definition

KZero Staff
Jul 27, 2023

What is a Cipher Suite?

The Transport Layer Security (TLS) protocol is used to provide an encrypted, authenticated connection between two computers. TLS supports a variety of different cryptographic algorithms to achieve this purpose.

A cipher suite is a set of cryptographic algorithms used during a TLS session. As part of the process of setting up a TLS session, the client and server agree on the algorithms or cipher suite that they will use.

Components of a Cipher Suite

TLS uses a few different cryptographic algorithms that are designed to fulfill different roles. There are four components of a cipher suite.

Key Exchange Algorithm

TLS uses symmetric cryptography for bulk data encryption because it is more efficient than public key cryptography. However, symmetric algorithms need to have a shared secret key to encrypt and decrypt data.

The key exchange algorithm is used to securely establish this shared secret over an untrusted and unencrypted connection. Algorithms that can be used for key exchange include Rivest-Shamir-Adleman (RSA), Diffie-Hellman (DH), and Elliptic Curve Diffie-Hellman (ECDH).

Authentication Algorithm

A TLS session always includes verification of the server’s identity to the client. In some cases, the client and server might perform mutual authentication.

Public key cryptography algorithms enable digital signatures, which can be used for authentication. Some algorithms that might be used for authentication in a TLS cipher suite include RSA, the Digital Signature Algorithm (DSA), and the Elliptic Curve Digital Signature Algorithm (ECDSA).

Encryption Algorithm

Symmetric encryption algorithms are used for bulk data encryption in TLS. Some examples include the Advanced Encryption Standard (AES), CHACHA20, Camelia, and ARIA.

These ciphers may have additional settings and modes of operation defined. For example, AES may use a 128, 192, or 256-bit key and uses various modes of operation such as Galois Counter Mode (GCM).

Message Authentication Code (MAC)

MAC algorithms are designed to ensure that data has not been tampered with or had errors introduced in transit. Hash functions such as SHA-256 are commonly used as MAC algorithms.

The TLS Process

Different clients and servers may support different cipher sets. The TLS algorithm sets up a connection and uses these cipher suites via the following process:

  • Handshake: During the handshake phase, the client and server negotiate a cipher suite to use. The client will send its list of supported cipher suites, and the server will select one from this list.
  • Key Exchange and Authentication: The key exchange and authentication algorithms are used to establish a shared secret key and authenticate the server to the client (and potentially the client to the server).
  • Data Transfer: The selected symmetric encryption algorithm will be used to encrypt data as it travels in both directions over the TLS connection.
  • Data Integrity Checks: The selected MAC algorithm is used to check if the data has been changed in transit.


TLS is an adaptable protocol for establishing confidentiality, integrity, and authentication in a communications session. These attributes are provided by cryptographic algorithms that are organized into cipher suites. The cipher suite used for a particular session is negotiated by the client and server before the session begins.

KZero Staff

Explore more insightful content from the knowledgeable KZero staff on our blog and guides section.

Glossary Terms

Stay up to date with the most recent #infosec topics

Trending Topics

Interested In
Next-Gen MFA?

Discover Multi-Pass enterprise passwordless authentication

Share the page: