A cipher suite specifies one algorithm for each of the following tasks:
- Key exchange
- Bulk encryption
- Message authentication
So you may see something like: PSK-AES-SHA256
We have targeted the 128-bit symmetric-equivalent security level, taking the following key lengths for each algorithm :
- RSA (3072 bit),
- Diffie-Hellman (3072 bit),
- Elliptic curve Diffie-Hellman (NIST P-256, which has a 256 bit key length),
- Curve25519 (key length is fixed at 256 bit),
Bulk encryption algorithms
Bulk encryption algorithms encrypt messages exchanged between clients and servers. These algorithms are symmetric and perform well for large amounts of data.
Message authentication algorithms
Nicholas Workshop Newsletter
Join the newsletter to receive the latest updates in your inbox.