Cipher suite - MDN Web Docs Glossary: Definitions of Web-related terms 编辑

A cipher suite is a combination of a key exchange algorithm, authentication method, bulk encryption cipher, and message authentication code.

In a cryptosystem like TLS, the client and server must agree on a cipher suite before they can begin communicating securely.  A typical cipher suite looks like ECDHE_RSA_WITH_AES_128_GCM_SHA256 or ECDHE-RSA-AES128-GCM-SHA256, indicating:

• ECDHE (elliptic curve Diffie-Hellman ephemeral) for key exchange
• RSA for authentication
• AES-128 as the cipher, with Galois/Counter Mode (GCM) as the block cipher mode of operation
• SHA-256 as the hash-based message authentication code (HMAC)

Learn more

• Mozilla recommended cipher suite choices for TLS