TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode
RFC 5289, “TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode”, is a Proposed Standard document published in August 2008 by E. Rescorla. The canonical text is published by the RFC Editor.
Abstract
RFC 4492 describes elliptic curve cipher suites for Transport Layer Security (TLS). However, all those cipher suites use HMAC-SHA-1 as their Message Authentication Code (MAC) algorithm. This document describes sixteen new cipher suites for TLS that specify stronger MAC algorithms. Eight use Hashed Message Authentication Code (HMAC) with SHA-256 or SHA-384, and eight use AES in Galois Counter Mode (GCM). This memo provides information for the Internet community.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 5289 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 5288 AES Galois Counter Mode Cipher Suites for TLS
- RFC 5290 Comments on the Usefulness of Simple Best-Effort Traffic
- RFC 5287 Control Protocol Extensions for the Setup of Time-Division Multiplexing Pseudowires in MPLS Networks
- RFC 5291 Outbound Route Filtering Capability for BGP-4
- RFC 5286 Basic Specification for IP Fast Reroute: Loop-Free Alternates
- RFC 5292 Address-Prefix-Based Outbound Route Filter for BGP-4
- RFC 5285 A General Mechanism for RTP Header Extensions
- RFC 5293 Sieve Email Filtering: Editheader Extension