Cipher suites

The IBMJSSE2 provider supports many cipher suites. The lists that follow show the cipher suites that are supported by the IBMJSSE2 provider in order of preference.

The first list shows the cipher suites that are enabled by default. The second list shows the cipher suites that are supported by the IBMJSSE provider, but disabled by default.
Notes:
  • These lists apply to the latest release of the SDK; earlier releases might have a different order of preference.
  • The jdk.tls.disabledAlgorithms security property takes precedence; a cipher suite can be in the default enabled list but be disabled by that security property.
Default enabled cipher suites in order of preference
Note: In the following list, the string "TLS" can be used instead of "SSL" (but not vice versa) when the cipher suite name is used with these methods: javax.net.ssl.SSLEngine.setEnabledCipherSuites, javax.net.ssl.SSLSocket.setEnabledCipherSuites, and javax.net.ssl.SSLParameters.setCipherSuites. In all other situations, the cipher suite name is as listed.
  1. SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384** 1
  2. SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384** 1
  3. SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 1
  4. SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 1
  5. SSL_DHE_RSA_WITH_AES_256_CBC_SHA256** 1
  6. SSL_DHE_DSS_WITH_AES_256_CBC_SHA256** 1
  7. SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 1
  8. SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 1
  9. SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384** 1
  10. SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 1
  11. SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384** 1
  12. SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 1
  13. SSL_DHE_RSA_WITH_AES_256_GCM_SHA384** 1
  14. SSL_DHE_DSS_WITH_AES_256_GCM_SHA384** 1
  15. SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 1
  16. SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 1
  17. SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384** 1
  18. SSL_ECDH_RSA_WITH_AES_256_CBC_SHA384** 1
  19. SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 1
  20. SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 1
  21. SSL_ECDH_ECDSA_WITH_AES_256_GCM_SHA384** 1
  22. SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384** 1
  23. SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 1
  24. SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256 1
  25. SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA**
  26. SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA**
  27. SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  28. SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA
  29. SSL_DHE_RSA_WITH_AES_256_CBC_SHA**
  30. SSL_DHE_DSS_WITH_AES_256_CBC_SHA**
  31. SSL_DHE_RSA_WITH_AES_128_CBC_SHA
  32. SSL_DHE_DSS_WITH_AES_128_CBC_SHA
  33. SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA**
  34. SSL_ECDH_RSA_WITH_AES_256_CBC_SHA**
  35. SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA
  36. SSL_ECDH_RSA_WITH_AES_128_CBC_SHA
  37. SSL_RSA_WITH_AES_256_GCM_SHA384** 1
  38. SSL_RSA_WITH_AES_256_CBC_SHA256** 1
  39. SSL_RSA_WITH_AES_128_CBC_SHA256 1
  40. SSL_RSA_WITH_AES_256_CBC_SHA**
  41. SSL_RSA_WITH_AES_128_GCM_SHA256 1
  42. SSL_RSA_WITH_AES_128_CBC_SHA
  43. SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 3
  44. SSL_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 3
  45. SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA 3
  46. SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA 3
  47. SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 3
  48. SSL_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 3
  49. SSL_RSA_WITH_3DES_EDE_CBC_SHA 3
  50. TLS_EMPTY_RENEGOTIATION_INFO_SCSV 2

1 Cipher suites with SHA384 and SHA256 are available only for TLS 1.2.

2 TLS_EMPTY_RENEGOTIATION_INFO_SCSV is a pseudo-cipher suite to support RFC 5746. See Transport Layer Security (TLS) Renegotiation Issue for more information.

3 These cipher suites are disabled by jdk.tls.disabledAlgorithms.

** Cipher suites that use AES_256 require the JCE Unlimited Strength Jurisdiction Policy Files.

Default disabled cipher suites in order of preference
Note: In the following list, the string "TLS" can be used instead of "SSL" (but not vice versa) when the cipher suite name is used with these methods: javax.net.ssl.SSLEngine.setEnabledCipherSuites, javax.net.ssl.SSLSocket.setEnabledCipherSuites, and javax.net.ssl.SSLParameters.setCipherSuites. In all other situations, the cipher suite name is as listed.
  1. SSL_DH_anon_WITH_AES_256_GCM_SHA384** 1, 4
  2. SSL_DH_anon_WITH_AES_128_GCM_SHA256 1, 4
  3. SSL_DH_anon_WITH_AES_256_CBC_SHA256** 1, 4
  4. SSL_ECDH_anon_WITH_AES_256_CBC_SHA** 4
  5. SSL_DH_anon_WITH_AES_256_CBC_SHA** 4
  6. SSL_DH_anon_WITH_AES_128_CBC_SHA256 1, 4
  7. SSL_ECDH_anon_WITH_AES_128_CBC_SHA 4
  8. SSL_DH_anon_WITH_AES_128_CBC_SHA 4
  9. SSL_ECDH_anon_WITH_3DES_EDE_CBC_SHA 4
  10. SSL_DH_anon_WITH_3DES_EDE_CBC_SHA 4
  11. SSL_ECDHE_ECDSA_WITH_RC4_128_SHA 5
  12. SSL_ECDHE_RSA_WITH_RC4_128_SHA 5
  13. SSL_RSA_WITH_RC4_128_SHA 5
  14. SSL_ECDH_ECDSA_WITH_RC4_128_SHA 5
  15. SSL_ECDH_RSA_WITH_RC4_128_SHA 5
  16. SSL_RSA_WITH_RC4_128_MD5 5
  17. SSL_ECDH_anon_WITH_RC4_128_SHA 4
  18. SSL_DH_anon_WITH_RC4_128_MD5 4
  19. SSL_RSA_WITH_DES_CBC_SHA 2
  20. SSL_DHE_RSA_WITH_DES_CBC_SHA 2
  21. SSL_DHE_DSS_WITH_DES_CBC_SHA 2
  22. SSL_DH_anon_WITH_DES_CBC_SHA 2, 4
  23. SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 3
  24. SSL_RSA_FIPS_WITH_DES_CBC_SHA 3
  25. SSL_DHE_DSS_WITH_RC4_128_SHA 3
  26. SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 3
  27. SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 3
  28. SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 3
  29. SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA 3, 4
  30. SSL_RSA_EXPORT_WITH_RC4_40_MD5 3
  31. SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 3, 4
  32. SSL_RSA_WITH_NULL_SHA256 1
  33. SSL_ECDHE_ECDSA_WITH_NULL_SHA
  34. SSL_ECDHE_RSA_WITH_NULL_SHA
  35. SSL_RSA_WITH_NULL_SHA
  36. SSL_ECDH_ECDSA_WITH_NULL_SHA
  37. SSL_ECDH_RSA_WITH_NULL_SHA
  38. SSL_ECDH_anon_WITH_NULL_SHA 4
  39. SSL_RSA_WITH_NULL_MD5
  40. SSL_KRB5_WITH_3DES_EDE_CBC_SHA
  41. SSL_KRB5_WITH_3DES_EDE_CBC_MD5
  42. SSL_KRB5_WITH_RC4_128_SHA
  43. SSL_KRB5_WITH_RC4_128_MD5
  44. SSL_KRB5_WITH_DES_CBC_SHA 2
  45. SSL_KRB5_WITH_DES_CBC_MD5 2
  46. SSL_KRB5_EXPORT_WITH_DES_CBC_40_SHA 3
  47. SSL_KRB5_EXPORT_WITH_DES_CBC_40_MD5 3
  48. SSL_KRB5_EXPORT_WITH_RC4_40_SHA 3
  49. SSL_KRB5_EXPORT_WITH_RC4_40_MD5 3

1 Cipher suites with SHA384 and SHA256 are available only for TLS 1.2.

2 RFC 5246 TLS 1.2 forbids the use of these suites. These can be used in the SSLv3/TLS1.0/TLS1.1 protocols, but cannot be used in TLS 1.2 and later.

3 RFC 4346 TLS 1.1 forbids the use of these suites. These can be used in the SSLv3/TLS1.0 protocols, but cannot be used in TLS 1.1 and later.

4 Although anonymous cipher suites are enabled, the IBMJSSE2 TrustManager does not allow anonymous cipher suites. The default implementation can be overridden by providing your own TrustManager that allows anonymous cipher suites. See Accepting Anonymous Cipher Suites for information about creating your own X509TrustManager.

5 These cipher suites are disabled to mitigate against CVE-2015-2808: Bar Mitzvah security vulnerability.

** Cipher suites that use AES_256 require the JCE Unlimited Strength Jurisdiction Policy Files.
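
The following is an added example, not code from IBM or the SDK. It narrows a socket's cipher suites to a subset of the default-enabled list while keeping the provider's preference order, comparing names so that the "SSL_" and "TLS_" spellings described in the notes above match. The class name, the helper methods and the ECDHE-with-GCM policy are assumptions chosen for illustration.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;

// Added example: class, method names and the policy itself are hypothetical.
public class CipherSuitePolicy {
    // Compare names in one spelling: IBMJSSE2 lists "SSL_...", other providers "TLS_...".
    static String canonical(String suite) {
        return suite.startsWith("SSL_") ? "TLS_" + suite.substring(4) : suite;
    }

    // Illustrative policy: ephemeral ECDH key exchange with AES-GCM only.
    static boolean allowed(String suite) {
        String s = canonical(suite);
        return s.startsWith("TLS_ECDHE_") && s.contains("_GCM_");
    }

    // Keep the provider's preference order and its own spelling of each name.
    static String[] select(String[] enabled) {
        List<String> keep = new ArrayList<>();
        for (String suite : enabled) {
            if (allowed(suite)) keep.add(suite);
        }
        return keep.toArray(new String[0]);
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        String[] chosen = select(ctx.getDefaultSSLParameters().getCipherSuites());
        if (chosen.length == 0) throw new IllegalStateException("no suite matches the policy");
        // This property takes precedence over any suite enabled below.
        System.out.println("jdk.tls.disabledAlgorithms = "
                + Security.getProperty("jdk.tls.disabledAlgorithms"));
        // Unconnected socket: configuration only, no network traffic.
        try (SSLSocket sock = (SSLSocket) ctx.getSocketFactory().createSocket()) {
            SSLParameters params = sock.getSSLParameters();
            params.setCipherSuites(chosen);
            params.setProtocols(new String[] {"TLSv1.2"}); // SHA256/SHA384 suites need TLS 1.2
            sock.setSSLParameters(params);
            System.out.println("Enabled: " + Arrays.toString(sock.getEnabledCipherSuites()));
        }
    }
}
```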