eavesdroppin adversary who sees all the messages sent over the communication
line does not learn anything about the resulting secret key.'' \cite{katz2008introduction}
-Example: DH, ECDH, DHE, ECDHE, RSA
+Example: \texttt{DHE}
\item{Authentication:}
The client authenticates the server by its certificate. Optionally the server
may authenticate the client certificate.
-Example: RSA, ECDSA, DSA
+Example: \texttt{RSA}
\item{Cipher:}
The cipher is used to encrypt the message stream. It also contains the key size
and mode used by the suite.
-Example: AES128, AES128\_GCM, Camellia128
+Example: \texttt{AES256}
\item{Message authentication code (MAC):}
A MAC ensures that the message has not been tampered with (integrity).
-Examples: SHA256, SHA384, SHA
+Examples: \texttt{SHA256}
+
+
+\begin{figure}[h]
+\makebox[\textwidth]{
+\framebox[1.1\width]{ \texttt{DHE} }--\framebox[1.1\width]{ \texttt{RSA} }--\framebox[1.1\width]{ \texttt{AES256} }--\framebox[1.1\width]{ \texttt{SHA256} } }
+\caption{Composition of a typical cipher string}
+\end{figure}
-\todo{find a good visualisation for a cipher suite composition}
\item{Authenticated encryption scheme:}
An encryption scheme which provides for confidentiality, integrity and authenticity.
git.bettercrypto.org / ach-master.git / blobdiff