Check SSL TLS cipher suites in Linux

An SSL cipher, or an SSL cipher suite, is a set of algorithms or a set of instructions/steps that helps to establish a secure connection between two entities.

SSL cipher suites determine the method through which a secure connection will take place between both entities.

This communication could be taking place through HTTPS, FTPS, SMTP, or other network protocols.

Table of Contents

Understanding SSL Cipher Suite

To negotiate secure communication, the client and the server need to come to terms with four crucial elements:

Key exchange algorithm
Bulk encryption algorithm
Data encryption algorithm
Hash function

This is an example of a cipher suite:

DHE_RSA_AES256_SHA256

DHE: The first part is the key exchange algorithm.
RSA: The second section is the authentication algorithm.
AES256: The third section is the type of encryption algorithm used.
SHA256: The fourth component is the type of hashing algorithm used.

List of Recommended TLS 1.3 Cipher Suites

TLS 1.3, an upgraded version of TLS 1.2, brings a host of changes, including changes to the list of cipher suites. One of the most significant downsides of TLS 1.2 was the time it took to process the SSL/TLS handshake.

The biggest culprit behind this was the RSA algorithm, which uses large cryptographic keys to encrypt and decrypt the data. This resulted in increased computational overhead and latency.

The SSL cipher suite list has reduced dramatically from TLS 1.2 to TLS 1.3. Now, there are just five SSL cipher suites that are recommended:

TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_GCM_SHA256
TLS_AES_128_CCM_8_SHA256
TLS_AES_128_CCM_SHA256

understanding TLS 1.3 Cipher Suites

Although TLS 1.3 uses the same cipher suite space as previous versions of TLS, TLS 1.3 cipher suites are defined differently, only specifying the symmetric ciphers, and cannot be used for TLS 1.2. Similarly, TLS 1.2 and lower cipher suites cannot be used with TLS 1.3 (IETF TLS 1.3 draft 21).

There are 5 TLS v1.3 ciphers and 37 recommended TLS v1.2 ciphers.
TLS v1.3 has deprecated the RSA key exchange and all other static key exchange mechanisms.
TLS v1.3 has a new bulk cipher, AEAD or Authenticated Encryption with Associated Data algorithm. The AEAD Cipher can encrypt and authenticate the communication.
TLS v1.3 cipher suites are more compact than TLS v1.2 cipher suites.

List of Approved TLS 1.2 Ciphers

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305

Check supported Cipher Suites in Linux with openssl command

The below commands can be used to list the ciphers:

# openssl ciphers -help

usage: ciphers args
-v – verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL
-V – even more verbose
-ssl3 – SSL3 mode
-tls1 – TLS1 mode

# openssl ciphers -v

ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
…..

Check Cipher Suites from Application server with openssl command

The following command will display all the cipher suites the application server supports.

It is very helpful to check which cipher suite the remote server provides. but it doesn’t work with TLS1.3.

nmap --script ssl-enum-ciphers -p 5432 localhost

# nmap –script ssl-enum-ciphers -p 5432 localhost
Starting Nmap 7.70 ( https://nmap.org ) at 2022-03-03 03:04 GMT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000057s latency).
Other addresses for localhost (not scanned): ::1

For TLS1.3, we can use openssl command to check each cipher suite.

openssl s_client -connect localhost:5432 -tls1_3 -ciphersuites TLS_AES_128_GCM_SHA256 -starttls postgres
openssl s_client -connect localhost:5432 -tls1_3 -ciphersuites TLS_AES_128_CCM_SHA256 -starttls postgres

SSL vs TLS

Protocol Version	Usage Recommendation
`SSL v2`	Do not use. Has serious security vulnerabilities.
`SSL v3`	Do not use. Has serious security vulnerabilities.
`TLS 1.0`	Use for interoperability purposes where needed. Has known issues that cannot be mitigated in a way that guarantees interoperability, and thus mitigations are not enabled by default. Does not support modern cipher suites.
`TLS 1.1`	Use for interoperability purposes where needed. Has no known issues but relies on protocol fixes that are included in all the `TLS` implementations in Red Hat Enterprise Linux. Does not support modern cipher suites.
`TLS 1.2`	Recommended version. Supports the modern `AEAD` cipher suites.

Summary

Cipher suites are an integral part to the TLS Handshake, telling the client and server how to encrypt their information for the other to understand.

The TLS Handshake, which connects a client and server in a secure connection, is used every day to connect to websites, so ensuring it is the most secure it can be is extremely important.

Cipher suites are just one way to ensure safe and trusted connections. Code signing, proper certificate management, and secure SSH keys are all other secure connection methods that must also be implemented properly, to ensure the most secure connection to servers.