Protocol Connections Reference
This chapter lists the key components that contribute to secure communication. The first topic is IBM JCE FIPS v1.8 and algorithms that meet FIPS compliance. Next, the encryption suites used to create secure SSL connections are listed. Finally, the default character set used to modify text received from external files is covered.
IBM JCE FIPS v1.8 algorithms
These are the supported FIPS Compliance algorithms:
Ciphers
AES with modes ECB, CBC, OFB, and CFB8, CFB128 and GCM DESede(TripleDES) with modes ECB, CBC, OFB, CFB8 and CFB64 SA with PKCS#1 padding
Signature
SHA224withRSA SHA256withRSA SHA384withRSA SHA512withRSA RSA-PSS SHA256withDSA SHA224withECDSA SHA256withECDSA SHA384withECDSA SHA512withECDSA
Signature verification
SHA1withRSA SHA224withRSA SHA256withRSA SHA384withRSA SHA512withRSA RSA-PSS SHA1withDSA SHA224withDSA SHA256withDSA SHA1withECDSA SHA224withECDSA SHA256withECDSA SHA384withECDSA SHA512withECDSA ECDSA with P-192, P-224, P-256, P-384, P-521 curves
Key agreement
DiffieHellman EC Diffie-Hellman (P-224, P-256, P-384, P-521 curves)
Key (pair) generation
DSA AES TripleDES HmacSHA1 HmacSHA224 HmacSHA256 Hmac384 Hmac512 RSA ECDSA (P-224, P-256, P-384, P-521 curves) DiffieHellman
Message authentication code (MAC)
HmacSHA1 HmacSHA224 HmacSHA256 HmacSHA384 HmacSHA512
The keys must be at least 112 bits.
Message digest
SHA-1 SHA-256 SHA-384 SHA-512 MD5
Algorithm parameters generator
DiffieHellman DSA
Algorithm parameters
ES DiffieHellman TripleDES DSA ECDSA with P-224, P-256, P-384, P-521 curves
Key factory
DiffieHellman DSA RSA ECDSA
Secret Key factory
AES TripleDES
Certificate
X.509
Random number generation
HashDRBG SHA256DRBG SHA512DRBG
Key generation
AES - 128, 192 or 256 bits Triple-DES - 192 bits three key Triple-DES key RSA - 2048 or 3072 modulus size DSA - L=2048, N=256 or L=3072, N=256 bits ECDSA - P-224, P-256, P-384, P-521 curves
Key agreement
Diffie-Hellman - 2048 bits EC Diffie-Hellman - P-224, P-256, P-384, P-521 curves
Encryption and decryption
AES (ECB, CBC, OFB, CFB8, CFB128 and GCM modes) - 128, 192, or 256 bits Triple-DES (ECB, CBC, CFB8, CFB64 and OFB modes) - 192 bits Triple-DES key Two key Triple-DES (decryption only - ECB, CBC, CFB8, CFB64 and OFB modes) - 192 bits two key Triple-DES
Signature generation
RSA – 2048 or 3072 bits DSA (SHA-256) – 2048 or 3072 bits ECDSA (SHA-224, SHA-256, SHA-384 and SHA-512) - P-224, P-256, P-384, P-521 curves
Signature verification
RSA – 1024, 2048, or 3072 bits DSA – (SHA-1, SHA-224, SHA-256) – 1024, 2048, or 3072 bits ECDSA (SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512) - P-192, P-224, P-256, P-384, P-521 curves
Message authentication
HMAC with SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 - at least 112 bits
Message digest
SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512
Accepted Cipher Suites
Find below the list of the cipher suites accepted to establish an SSL connection:
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDH_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_SHA TLS_ECDH_ECDSA_WITH_RC4_128_SHA TLS_ECDH_RSA_WITH_RC4_128_SHA TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SH SSL_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_RC4_128_MD5 TLS_EMPTY_RENEGOTIATION_INFO_SCSV LS_DH_anon_WITH_AES_256_CBC_SHA256 TLS_ECDH_anon_WITH_AES_256_CBC_SHA TLS_DH_anon_WITH_AES_256_CBC_SHA TLS_DH_anon_WITH_AES_128_CBC_SHA256 TLS_ECDH_anon_WITH_AES_128_CBC_SHA TLS_DH_anon_WITH_AES_128_CBC_SHA TLS_ECDH_anon_WITH_RC4_128_SHA SSL_DH_anon_WITH_RC4_128_MD5 TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA SSL_DH_anon_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_NULL_SHA256 TLS_ECDHE_ECDSA_WITH_NULL_SHA TLS_ECDHE_RSA_WITH_NULL_SHA SSL_RSA_WITH_NULL_SHA TLS_ECDH_ECDSA_WITH_NULL_SHA TLS_ECDH_RSA_WITH_NULL_SHA TLS_ECDH_anon_WITH_NULL_SHA SSL_RSA_WITH_NULL_MD5 SSL_RSA_WITH_DES_CBC_SHA SSL_DHE_RSA_WITH_DES_CBC_SHA SSL_DHE_DSS_WITH_DES_CBC_SHA SSL_DH_anon_WITH_DES_CBC_SHA SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 SSL_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA TLS_KRB5_WITH_RC4_128_SHA TLS_KRB5_WITH_RC4_128_MD5 TLS_KRB5_WITH_3DES_EDE_CBC_SHA TLS_KRB5_WITH_3DES_EDE_CBC_MD5 TLS_KRB5_WITH_DES_CBC_SHA TLS_KRB5_WITH_DES_CBC_MD5 TLS_KRB5_EXPORT_WITH_RC4_40_SHA TLS_KRB5_EXPORT_WITH_RC4_40_MD5 TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
Default Charset
The default charset used to convert the received text external file is the following:
X-CCSID-37 X-CCSID-256 X-CCSID-259 X-CCSID-273 X-CCSID-274 X-CCSID-275 X-CCSID-277 X-CCSID-278 X-CCSID-280 X-CCSID-281 X-CCSID-282 X-CCSID-284 X-CCSID-285 X-CCSID-290 X-CCSID-297 X-CCSID-367 X-CCSID-420 X-CCSID-423 X-CCSID-424 X-CCSID-425 X-CCSID-437 X-CCSID-500 X-CCSID-720 X-CCSID-737 X-CCSID-775 X-CCSID-803 X-CCSID-808 X-CCSID-813 X-CCSID-819 X-CCSID-833 X-CCSID-836 X-CCSID-838 X-CCSID-848 X-CCSID-849 X-CCSID-850 X-CCSID-851 X-CCSID-852 X-CCSID-855 X-CCSID-856 X-CCSID-857 X-CCSID-858 X-CCSID-859 X-CCSID-860 X-CCSID-861 X-CCSID-862 X-CCSID-863 X-CCSID-864 X-CCSID-865 X-CCSID-866 X-CCSID-867 X-CCSID-868 X-CCSID-869 X-CCSID-870 X-CCSID-871 X-CCSID-872 X-CCSID-874 X-CCSID-875 X-CCSID-878 X-CCSID-880 X-CCSID-897 X-CCSID-901 X-CCSID-902 X-CCSID-903 X-CCSID-905 X-CCSID-912 X-CCSID-914 X-CCSID-915 X-CCSID-916 X-CCSID-918 X-CCSID-920 X-CCSID-921 X-CCSID-922 X-CCSID-923 X-CCSID-924 X-CCSID-1004 X-CCSID-1006 X-CCSID-1008 X-CCSID-1009 X-CCSID-1025 X-CCSID-1026 X-CCSID-1027 X-CCSID-1040 X-CCSID-1041 X-CCSID-1042 X-CCSID-1043 X-CCSID-1046 X-CCSID-1047 X-CCSID-1051 X-CCSID-1088 X-CCSID-1089 X-CCSID-1097 X-CCSID-1098 X-CCSID-1100 X-CCSID-1112 X-CCSID-1114 X-CCSID-1122 X-CCSID-1123 X-CCSID-1124 X-CCSID-1125 X-CCSID-1127 X-CCSID-1129 X-CCSID-1130 X-CCSID-1131 X-CCSID-1132 X-CCSID-1133 X-CCSID-1137 X-CCSID-1140 X-CCSID-1141 X-CCSID-1142 X-CCSID-1143 X-CCSID-1144 X-CCSID-1145 X-CCSID-1146 X-CCSID-1147 X-CCSID-1148 X-CCSID-1149 X-CCSID-1153 X-CCSID-1154 X-CCSID-1155 X-CCSID-1156 X-CCSID-1157 X-CCSID-1158 X-CCSID-1159 X-CCSID-1160 X-CCSID-1161 X-CCSID-1162 X-CCSID-1163 X-CCSID-1164 X-CCSID-1167 X-CCSID-1168 X-CCSID-1250 X-CCSID-1251 X-CCSID-1252 X-CCSID-1253 X-CCSID-1254 X-CCSID-1255 X-CCSID-1256 X-CCSID-1257 X-CCSID-1258 X-CCSID-1275 X-CCSID-1280 X-CCSID-1281 X-CCSID-1282 X-CCSID-1283 X-CCSID-1284 X-CCSID-1285 X-CCSID-1287 X-CCSID-1288 X-CCSID-4899 X-CCSID-4909 X-CCSID-4971 X-CCSID-5012 X-CCSID-5104 X-CCSID-5123 X-CCSID-5210 X-CCSID-5346 X-CCSID-5347 X-CCSID-5348 X-CCSID-5349 X-CCSID-5350 X-CCSID-5351 X-CCSID-5352 X-CCSID-5353 X-CCSID-5354 X-CCSID-8482 X-CCSID-9044 X-CCSID-9048 X-CCSID-9049 X-CCSID-9061 X-CCSID-9238 X-CCSID-9447 X-CCSID-12712 X-CCSID-16804 X-CCSID-17248 X-CCSID-28709 X-CCSID-1048576 – corresponds to the CodePage 0 ASCII (compatibility SPAZIO) X-CCSID-1114112 – corresponds to the CodePage 0 EBCDIC (compatibility SPAZIO) Adobe-Standard-Encoding BOCU-1 Big5 Big5-HKSCS CESU-8 EUC-JP EUC-KR GB18030 GB2312 GBK GB_2312-80 HZ-GB-2312 IBM-Thai IBM00858 IBM01140 IBM01141 IBM01142 IBM01143 IBM01144 IBM01145 IBM01146 IBM01147 IBM01148 IBM01149 IBM037 IBM1026 IBM1047 IBM273 IBM277 IBM278 IBM280 IBM284 IBM285 IBM290 IBM297 IBM420 IBM424 IBM437 IBM500 IBM775 IBM850 IBM852 IBM855 IBM857 IBM860 IBM861 IBM862 IBM863 IBM864 IBM865 IBM866 IBM868 IBM869 IBM870 IBM871 IBM918 ISO-2022-CN ISO-2022-CN-EXT ISO-2022-JP ISO-2022-JP-1 ISO-2022-JP-2 ISO-2022-KR ISO-8859-1 ISO-8859-10 ISO-8859-13 ISO-8859-14 ISO-8859-15 ISO-8859-2 ISO-8859-3 ISO-8859-4 ISO-8859-5 ISO-8859-6 ISO-8859-7 ISO-8859-8 ISO-8859-9 JIS_X0201 JIS_X0212-1990 KOI8-R KOI8-U SCSU Shift_JIS TIS-620 US-ASCII UTF-16 UTF-16BE UTF-16LE UTF-32 UTF-32BE UTF-32LE UTF-7 UTF-8 X-UTF-32BE-BOM X-UTF-32LE-BOM cp1363 cp851 hp-roman8 macintosh windows-1250 windows-1251 windows-1252 windows-1253 windows-1254 windows-1255 windows-1256 windows-1257 windows-1258 windows-31j x-Big5-HKSCS-2001 x-Big5-Solaris x-EUC-TW x-IBM1006 x-IBM1025 x-IBM1046 x-IBM1097 x-IBM1098 x-IBM1112 x-IBM1122 x-IBM1123 x-IBM1124 x-IBM1153 x-IBM1363 x-IBM1364 x-IBM1371 x-IBM1381 x-IBM1383 x-IBM1388 x-IBM1390 x-IBM1399 x-IBM300 x-IBM33722 x-IBM720 x-IBM737 x-IBM833 x-IBM834 x-IBM856 x-IBM867 x-IBM874 x-IBM875 x-IBM921 x-IBM922 x-IBM930 x-IBM933 x-IBM935 x-IBM937 x-IBM939 x-IBM942 x-IBM942C x-IBM943 x-IBM943C x-IBM948 x-IBM949 x-IBM949C x-IBM950 x-IBM954 x-IBM964 x-IBM970 x-IBM971 x-IMAP-mailbox-name x-ISCII91 x-ISO-2022-CN-CNS x-ISO-2022-CN-GB x-JIS0208 x-JIS7 x-JIS8 x-JISAutoDetect x-Johab x-LMBCS-1 x-MS932_0213 x-MS950-HKSCS x-MS950-HKSCS-XP x-MacArabic x-MacCentralEurope x-MacCroatian x-MacCyrillic x-MacDingbat x-MacGreek x-MacHebrew x-MacIceland x-MacRoman x-MacRomania x-MacSymbol x-MacThai x-MacTurkish x-MacUkraine x-PCK x-SJIS_0213 x-UTF-16LE-BOM x-UTF16_OppositeEndian x-UTF16_PlatformEndian x-UTF32_OppositeEndian x-UTF32_PlatformEndian x-UnicodeBig x-compound-text x-ebcdic-xml-us x-euc-jp-linux x-eucJP-Open x-ibm-1047-s390 x-ibm-1125_P100-1997 x-ibm-1129_P100-1997 x-ibm-1130_P100-1997 x-ibm-1131_P100-1997 x-ibm-1132_P100-1998 x-ibm-1133_P100-1997 x-ibm-1137_P100-1999 x-ibm-1140-s390 x-ibm-1141-s390 x-ibm-1142-s390 x-ibm-1143-s390 x-ibm-1144-s390 x-ibm-1145-s390 x-ibm-1146-s390 x-ibm-1147-s390 x-ibm-1148-s390 x-ibm-1149-s390 x-ibm-1153-s390 x-ibm-1154_P100-1999 x-ibm-1155_P100-1999 x-ibm-1156_P100-1999 x-ibm-1157_P100-1999 x-ibm-1158_P100-1999 x-ibm-1160_P100-1999 x-ibm-1162_P100-1999 x-ibm-1164_P100-1999 x-ibm-1250_P100-1995 x-ibm-1251_P100-1995 x-ibm-1252_P100-2000 x-ibm-1253_P100-1995 x-ibm-1254_P100-1995 x-ibm-1255_P100-1995 x-ibm-1256_P110-1997 x-ibm-1257_P100-1995 x-ibm-1258_P100-1997 x-ibm-12712-s390 x-ibm-12712_P100-1998 x-ibm-1373_P100-2002 x-ibm-1386_P100-2001 x-ibm-16684_P110-2003 x-ibm-16804-s390 x-ibm-16804_X110-1999 x-ibm-25546 x-ibm-33722_P12A_P12A-2009_U2 x-ibm-37-s390 x-ibm-4517_P100-2005 x-ibm-4899_P100-1998 x-ibm-4909_P100-1999 x-ibm-4971_P100-1999 x-ibm-5123_P100-1999 x-ibm-5351_P100-1998 x-ibm-5352_P100-1998 x-ibm-5353_P100-1998 x-ibm-803_P100-1999 x-ibm-813_P100-1995 x-ibm-8482_P100-1999 x-ibm-901_P100-1999 x-ibm-902_P100-1999 x-ibm-9067_X100-2005 x-ibm-916_P100-1995 x-iscii-be x-iscii-gu x-iscii-ka x-iscii-ma x-iscii-or x-iscii-pa x-iscii-ta x-iscii-te x-iso-8859-11 x-mac-centraleurroman x-mac-cyrillic x-mac-greek x-mac-turkish x-mswin-936 x-windows-50220 x-windows-50221 x-windows-874 x-windows-949 x-windows-950 x-windows-iso2022jp
Last updated