Cipher suites

The IBMJSSE2 provider supports many cipher suites. The lists that follow show the cipher suites that are supported by the IBMJSSE2 provider in order of preference.

The first list shows the cipher suites that are enabled by default. The second list shows the cipher suites that are supported by the IBMJSSE2 provider, but disabled by default.
Notes:
  • These lists apply to the latest release of the SDK; earlier releases might have a different order of preference.
  • The jdk.tls.disabledAlgorithms security property takes precedence; a cipher suite can be in the default enabled list but be disabled by that security property.
Default enabled cipher suites in order of preference
Note: In the following list, the string "TLS" can be used instead of "SSL" (but not vice versa) when the cipher suite name is used with these methods: javax.net.ssl.SSLEngine.setEnabledCipherSuites, javax.net.ssl.SSLSocket.setEnabledCipherSuites, and javax.net.ssl.SSLParameters.setCipherSuites. In all other situations, the cipher suite name is as listed.

Changed in service refresh 6 fix pack 25: You can use the com.ibm.jsse2.overrideDefaultCSName system property to specify whether to use the old cipher suite name (set the property to false, which is the default value) or the Oracle equivalent (set the property to true). For example, some cipher suite names begin with "TLS" when defined by Oracle but "SSL" in the IBM SDK. This difference is due to some cipher names being defined before the finalization of the first TLS specification.

  1. TLS_AES_256_GCM_SHA384** 1 (changed in service refresh 6 fix pack 25)
  2. TLS_AES_128_GCM_SHA256** 1 (changed in service refresh 6 fix pack 25)
  3. TLS_CHACHA20_POLY1305_SHA256 1 (changed in service refresh 6 fix pack 25)
  4. SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384** 2
  5. SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 2
  6. SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384** 2
  7. SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 2
  8. SSL_DHE_RSA_WITH_AES_256_GCM_SHA384** 2
  9. SSL_DHE_DSS_WITH_AES_256_GCM_SHA384** 2
  10. SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 2
  11. SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 2
  12. SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384** 2
  13. SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384** 2
  14. SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 2
  15. SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 2
  16. SSL_DHE_RSA_WITH_AES_256_CBC_SHA256** 2
  17. SSL_DHE_DSS_WITH_AES_256_CBC_SHA256** 2
  18. SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 2
  19. SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 2
  20. SSL_ECDH_ECDSA_WITH_AES_256_GCM_SHA384** 2
  21. SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384** 2
  22. SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 2
  23. SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256 2
  24. SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384** 2
  25. SSL_ECDH_RSA_WITH_AES_256_CBC_SHA384** 2
  26. SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 2
  27. SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 2
  28. SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA**
  29. SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA**
  30. SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  31. SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA
  32. SSL_DHE_RSA_WITH_AES_256_CBC_SHA**
  33. SSL_DHE_DSS_WITH_AES_256_CBC_SHA**
  34. SSL_DHE_RSA_WITH_AES_128_CBC_SHA
  35. SSL_DHE_DSS_WITH_AES_128_CBC_SHA
  36. SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA**
  37. SSL_ECDH_RSA_WITH_AES_256_CBC_SHA**
  38. SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA
  39. SSL_ECDH_RSA_WITH_AES_128_CBC_SHA
  40. SSL_RSA_WITH_AES_256_GCM_SHA384** 2
  41. SSL_RSA_WITH_AES_128_GCM_SHA256 2
  42. SSL_RSA_WITH_AES_256_CBC_SHA256** 2
  43. SSL_RSA_WITH_AES_128_CBC_SHA256 2
  44. SSL_RSA_WITH_AES_256_CBC_SHA**
  45. SSL_RSA_WITH_AES_128_CBC_SHA
  46. SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 3
  47. SSL_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 3
  48. SSL_RSA_WITH_3DES_EDE_CBC_SHA 3
  49. SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 3
  50. SSL_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 3
  51. SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA 3
  52. SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA 3
  53. TLS_EMPTY_RENEGOTIATION_INFO_SCSV 4

1 These cipher suites are available only for TLS 1.3 or later. Use of these suites also requires use of the IBMJCEPlus provider. (Changed in service refresh 6 fix pack 25.)

2 These cipher suites are available only for TLS 1.2.

3 These cipher suites are disabled by jdk.tls.disabledAlgorithms. (Changed in service refresh 4.)

4 TLS_EMPTY_RENEGOTIATION_INFO_SCSV is a pseudo-cipher suite to support RFC 5746. See Transport Layer Security (TLS) Renegotiation Issue for more information.

** Cipher suites that use AES_256 require the JCE Unlimited Strength Jurisdiction Policy Files.
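
The naming and precedence notes above, as an added example (not IBM's code): it restricts a connection to the AEAD suites with ephemeral key exchange from the list, resolving the "SSL_"/"TLS_" spelling against what the runtime reports. The class name CipherSuiteSelection and the methods resolve and restrict are hypothetical.

```java
import java.security.Security;
import java.util.*;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

// Added example; class and method names are hypothetical.
public class CipherSuiteSelection {
    // AEAD suites with ephemeral key exchange, spelled as in the list above.
    static final String[] WANTED = {
        "TLS_AES_256_GCM_SHA384",
        "TLS_AES_128_GCM_SHA256",
        "SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
        "SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
        "SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    };

    // Return the spelling this runtime reports for a suite, trying both the
    // "SSL_" and "TLS_" prefix; null if the runtime does not support it.
    static String resolve(String name, Set<String> supported) {
        if (supported.contains(name)) return name;
        String swapped = name.startsWith("SSL_") ? "TLS_" + name.substring(4)
                       : name.startsWith("TLS_") ? "SSL_" + name.substring(4) : name;
        return supported.contains(swapped) ? swapped : null;
    }

    // Build SSLParameters limited to the wanted suites, in the given order.
    static SSLParameters restrict(SSLContext ctx, String[] wanted) {
        Set<String> supported = new HashSet<>(
            Arrays.asList(ctx.getSupportedSSLParameters().getCipherSuites()));
        List<String> chosen = new ArrayList<>();
        for (String w : wanted) {
            String s = resolve(w, supported);
            if (s != null) chosen.add(s);
        }
        if (chosen.isEmpty()) throw new IllegalStateException("no wanted suite is supported");
        SSLParameters p = ctx.getDefaultSSLParameters();
        p.setCipherSuites(chosen.toArray(new String[0]));
        return p;
    }

    public static void main(String[] args) throws Exception {
        SSLParameters p = restrict(SSLContext.getDefault(), WANTED);
        System.out.println("requested: " + Arrays.toString(p.getCipherSuites()));
        // The security property still takes precedence over the suites set above.
        System.out.println("jdk.tls.disabledAlgorithms = "
            + Security.getProperty("jdk.tls.disabledAlgorithms"));
    }
}
```

Pass the returned object to SSLSocket.setSSLParameters or SSLEngine.setSSLParameters before the handshake.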

Default disabled cipher suites in order of preference
Note: In the following list, the string "TLS" can be used instead of "SSL" (but not vice versa) when the cipher suite name is used with these methods: javax.net.ssl.SSLEngine.setEnabledCipherSuites, javax.net.ssl.SSLSocket.setEnabledCipherSuites, and javax.net.ssl.SSLParameters.setCipherSuites. In all other situations, the cipher suite name is as listed.

Changed in service refresh 6 fix pack 25: You can use the com.ibm.jsse2.overrideDefaultCSName system property to specify whether to use the old cipher suite name (set the property to false, which is the default value) or the Oracle equivalent (set the property to true). For example, some cipher suite names begin with "TLS" when defined by Oracle but "SSL" in the IBM SDK. This difference is due to some cipher names being defined before the finalization of the first TLS specification.

  1. TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 1, 6 (changed in service refresh 6 fix pack 25)
  2. TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 1, 6 (changed in service refresh 6 fix pack 25)
  3. TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 1, 6 (changed in service refresh 6 fix pack 25)
  4. SSL_DH_anon_WITH_AES_256_GCM_SHA384** 1, 4
  5. SSL_DH_anon_WITH_AES_128_GCM_SHA256** 1, 4
  6. SSL_DH_anon_WITH_AES_256_CBC_SHA256 1, 4
  7. SSL_ECDH_anon_WITH_AES_256_CBC_SHA** 4
  8. SSL_DH_anon_WITH_AES_256_CBC_SHA** 4
  9. SSL_DH_anon_WITH_AES_128_CBC_SHA256 1, 4
  10. SSL_ECDH_anon_WITH_AES_128_CBC_SHA 4
  11. SSL_DH_anon_WITH_AES_128_CBC_SHA 4
  12. SSL_ECDH_anon_WITH_3DES_EDE_CBC_SHA 4
  13. SSL_DH_anon_WITH_3DES_EDE_CBC_SHA 4
  14. SSL_ECDHE_ECDSA_WITH_RC4_128_SHA 5
  15. SSL_ECDHE_RSA_WITH_RC4_128_SHA 5
  16. SSL_RSA_WITH_RC4_128_SHA 5
  17. SSL_ECDH_ECDSA_WITH_RC4_128_SHA 5
  18. SSL_ECDH_RSA_WITH_RC4_128_SHA 5
  19. SSL_RSA_WITH_RC4_128_MD5 5
  20. SSL_ECDH_anon_WITH_RC4_128_SHA 4
  21. SSL_DH_anon_WITH_RC4_128_MD5 4
  22. SSL_RSA_WITH_DES_CBC_SHA 2
  23. SSL_DHE_RSA_WITH_DES_CBC_SHA 2
  24. SSL_DHE_DSS_WITH_DES_CBC_SHA 2
  25. SSL_DH_anon_WITH_DES_CBC_SHA 2, 4
  26. SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 3
  27. SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 3
  28. SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 3
  29. SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA 3, 4
  30. SSL_RSA_EXPORT_WITH_RC4_40_MD5 3
  31. SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 3, 4
  32. SSL_DHE_DSS_WITH_RC4_128_SHA 3
  33. SSL_RSA_WITH_NULL_SHA256 1
  34. SSL_ECDHE_ECDSA_WITH_NULL_SHA
  35. SSL_ECDHE_RSA_WITH_NULL_SHA
  36. SSL_RSA_WITH_NULL_SHA
  37. SSL_ECDH_ECDSA_WITH_NULL_SHA
  38. SSL_ECDH_RSA_WITH_NULL_SHA
  39. SSL_ECDH_anon_WITH_NULL_SHA 4
  40. SSL_RSA_WITH_NULL_MD5
  41. SSL_KRB5_WITH_3DES_EDE_CBC_SHA
  42. SSL_KRB5_WITH_3DES_EDE_CBC_MD5
  43. SSL_KRB5_WITH_RC4_128_SHA
  44. SSL_KRB5_WITH_RC4_128_MD5
  45. SSL_KRB5_WITH_DES_CBC_SHA 2
  46. SSL_KRB5_WITH_DES_CBC_MD5 2
  47. SSL_KRB5_EXPORT_WITH_DES_CBC_40_SHA 3
  48. SSL_KRB5_EXPORT_WITH_DES_CBC_40_MD5 3
  49. SSL_KRB5_EXPORT_WITH_RC4_40_SHA 3
  50. SSL_KRB5_EXPORT_WITH_RC4_40_MD5 3

1 Cipher suites with SHA384 and SHA256 are available only for TLS 1.2.

2 RFC 5246 TLS 1.2 forbids the use of these suites. These can be used in the SSLv3/TLS1.0/TLS1.1 protocols, but cannot be used in TLS 1.2 and later.

3 RFC 4346 TLS 1.1 forbids the use of these suites. These can be used in the SSLv3/TLS1.0 protocols, but cannot be used in TLS 1.1 and later.

4 Although anonymous cipher suites are enabled, the IBMJSSE2 TrustManager does not allow anonymous cipher suites. The default implementation can be overridden by providing your own TrustManager that allows anonymous cipher suites. See Accepting Anonymous Cipher Suites for information about creating your own X509TrustManager.

5 These cipher suites are disabled to mitigate against CVE-2015-2808: Bar Mitzvah security vulnerability. (Changed in service refresh 1.)

6 Use of the ChaCha suites also requires use of the IBMJCEPlus provider. (Changed in service refresh 6 fix pack 25.)

** Cipher suites that use AES_256 require the JCE Unlimited Strength Jurisdiction Policy Files.