Cipher Suites in TimesTen

A cipher suite is a set of authentication, encryption, and data integrity algorithms used for exchanging messages between network entities.

Each cipher suite defines the algorithms used for:

  • Authentication (digital signatures)
  • Encryption (data confidentiality)
  • Data integrity (message authentication)

During the TLS handshake, the client and server negotiate a cipher suite from the list of cipher suites that both sides support. The selected cipher suite is then used for all communication during the TLS session.

These topics are discussed here:

Certificate Key Type and Cipher Suite Compatibility

A TLS cipher suite specifies, among other components, the authentication (digital signature) algorithm used during the TLS handshake. Common authentication algorithms include RSA and ECDSA.

Certificates stored in Oracle Wallets and used for TLS client or server authentication contain a public key based on either RSA or ECDSA. The authentication algorithm defined in the selected cipher suite must be compatible with the certificate’s key algorithm.

If the certificate key type and the cipher suite authentication algorithm do not match, the TLS handshake fails.

RSA Support

RSA (Rivest–Shamir–Adleman) is a public-key cryptographic algorithm based on the mathematical difficulty of factoring large numbers that are the product of prime numbers. TimesTen supports:
  • Key sizes: 2048 and 4096 bits (default)
  • Signing Algorithms: sha256, sha384, sha512 (default)

Certificates that contain an RSA key require cipher suites that use RSA authentication (for example, TLS_ECDHE_RSA_*).

ECDSA Support

ECDSA (Elliptic Curve Digital Signature Algorithm) is a public-key cryptographic algorithm that uses elliptic curve mathematics to generate strong digital signatures with smaller key sizes than RSA. TimesTen supports:
  • Elliptic Curves: p256, p384, p521 (default)
  • Signing Algorithms: ecdsasha256, ecdsasha384, ecdsasha512 (default)

Certificates that contain an ECC (ECDSA) key require cipher suites that use ECDSA authentication (for example, TLS_ECDHE_ECDSA_*).

To determine whether a certificate uses RSA or ECC, and if you have OpenSSL installed, change to the directory that contains your server certificate and run the following command:

openssl x509 -in server1.cert -text -noout

where server1.cert is the name of the server certificate.

Look for output similar to the following:
  • For RSA: Public Key Algorithm: rsaEncryption

  • For ECC: Public Key Algorithm: id-ecPublicKey

In summary, when configuring TLS:
  1. Determine whether your certificate uses RSA or ECC.
  2. Configure at least one cipher suite that matches the certificate’s key type.
  3. Ensure that the selected signing algorithm and key size/curve are supported by TimesTen.

Using compatible certificate key types and cipher suites ensures successful TLS negotiation and strong cryptographic protection.
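The check in steps 1 and 2 can be scripted. The following Python sketch is an added example, not TimesTen code: it reads the Public Key Algorithm line from `openssl x509 -text -noout` output and keeps only the configured cipher suites that are valid for that key type according to the tables on this page. The certificate text and the function names are constructed for illustration.

```python
import re

# Constructed excerpt of `openssl x509 -in server1.cert -text -noout` output.
SAMPLE_CERT_TEXT = """\
Certificate:
    Data:
        Signature Algorithm: ecdsa-with-SHA512
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (521 bit)
"""

# OpenSSL algorithm names mapped to the key types used on this page.
KEY_TYPES = {"rsaEncryption": "RSA", "id-ecPublicKey": "ECC"}

# TLS 1.3 suite names from this page; each is valid for both key types.
TLS13 = {"TLS_AES_128_CCM_SHA256", "TLS_AES_128_GCM_SHA256",
         "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256"}

def cert_key_type(openssl_text):
    """Return 'RSA' or 'ECC' from the Public Key Algorithm line."""
    m = re.search(r"Public Key Algorithm:\s*(\S+)", openssl_text)
    if not m or m.group(1) not in KEY_TYPES:
        raise ValueError("certificate key is neither RSA nor ECC")
    return KEY_TYPES[m.group(1)]

def suite_key_types(suite):
    """Key types a suite is valid for, following the page's tables."""
    name = re.sub(r"^SSL_", "TLS_", suite.strip())  # SSL_ is an accepted alias
    if name in TLS13:
        return {"RSA", "ECC"}
    if "_ECDSA_WITH_" in name:
        return {"ECC"}
    if "_RSA_WITH_" in name:
        return {"RSA"}
    return set()  # unknown name: treat as unusable

def usable_suites(openssl_text, cipher_suites):
    """Configured suites, in order, that match the certificate's key type."""
    key = cert_key_type(openssl_text)
    return [s.strip() for s in cipher_suites.split(",")
            if key in suite_key_types(s)]
```

An empty result means that no configured cipher suite matches the certificate, which is the handshake-failure case described above.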

Supported TLS Protocol Versions

TimesTen supports the following TLS protocol versions:

  • TLS 1.3 provides improved security, performance, and simpler cipher suite negotiation.
  • TLS 1.2 supports compatibility with older TimesTen clients.

Cipher Suite Configuration and Negotiation

Cipher Suite Configuration

There is no default cipher suite setting, so you must specify the CipherSuites connection attribute, which takes one or more cipher suites, in both your client and server configuration. (The exception is if you specified the cipher suite setting at the instance level. In this case, the setting is in the timesten.conf file.)

You can specify one or more cipher suites for the TimesTen client-specific CipherSuites connection attribute and for the TimesTen server-specific CipherSuites connection attribute. If you specify more than one cipher suite for the connection attribute, separate them with commas. TimesTen recommends that you list the cipher suites from strongest to weakest. Ensure that the client and the server have at least one common cipher suite. If the client and server cannot agree on a common cipher suite, the TLS connection fails.

When configuring client/server connections between two different TimesTen releases, configure cipher suites recognized by both releases:
  • For client/server connections between TimesTen Releases 26.1 and 22.1, specify at least one of the following cipher suites on both the client and server sides:
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • For client/server connections between TimesTen Releases 26.1 and 18.1, specify at least one of the following cipher suites on both the client and server sides:
    • SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    • SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

Cipher Suite Negotiation

  • Protocol Version Selection
    • If both client and server list at least one TLS 1.3 cipher suite, TLS 1.3 is negotiated and TLS 1.2 cipher suites are ignored.
    • If no mutually configured TLS 1.3 cipher suite exists, TimesTen falls back to TLS 1.2 cipher suites.
  • Cipher Suite Selection
    • TLS 1.3: When TLS 1.3 is negotiated, the client and server select the first TLS 1.3 cipher suite that appears in both CipherSuites lists. The order of cipher suites in the client’s CipherSuites list determines the selection.
    • TLS 1.2: When TLS 1.2 is negotiated, the client proposes its ordered list of TLS 1.2 cipher suites. The server selects the first cipher suite from the client’s list that is also configured on the server.

CipherSuites Length Limitation

  • The CipherSuites connection attribute is limited to 256 characters. Any cipher suites listed beyond this limit are silently truncated and ignored.
  • When configuring mixed TLS 1.3 and TLS 1.2 cipher suites, ensure that all required cipher suites appear within the first 256 characters to avoid negotiation failures.
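The negotiation rules and the length limit interact, so it helps to model them together. The following Python sketch is an added example, not TimesTen code: it applies the 256-character cut, then the TLS 1.3-first selection in client order described above. It assumes that a name cut in half by the limit is not recognized and that SSL_ and TLS_ prefixes name the same suite; the function names and sample values are constructed.

```python
LIMIT = 256  # CipherSuites length limit stated on this page

def effective_suites(value):
    """Suites that survive the length limit, in configured order."""
    names = [n.strip() for n in value[:LIMIT].split(",")]
    # Assumption: a name cut in half by the limit is not recognized.
    if len(value) > LIMIT and not value[LIMIT:].lstrip().startswith(","):
        names.pop()
    # SSL_ and TLS_ prefixes name the same suite, so compare on TLS_.
    return ["TLS_" + n[4:] if n.startswith("SSL_") else n for n in names if n]

def is_tls13(name):
    # The TLS 1.3 names in Table 4-1 have no "_WITH_" part.
    return "_WITH_" not in name

def negotiate(client_value, server_value):
    """Return (protocol, suite), or None when no common suite exists."""
    client = effective_suites(client_value)
    server = set(effective_suites(server_value))
    # TLS 1.3 first; TLS 1.2 only if no TLS 1.3 suite is on both sides.
    for protocol, want13 in (("TLS 1.3", True), ("TLS 1.2", False)):
        for name in client:  # the client's order decides
            if is_tls13(name) == want13 and name in server:
                return protocol, name
    return None

# Constructed server value: 273 characters, TLS 1.3 suites listed last.
SERVER = ",".join([
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_AES_256_GCM_SHA384",
    "TLS_AES_128_GCM_SHA256",  # starts before character 256, ends after it
])
# Constructed client value: one TLS 1.3 suite and one SSL_-named TLS 1.2 suite.
CLIENT = "TLS_AES_128_GCM_SHA256,SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"

if __name__ == "__main__":
    print(len(SERVER), negotiate(CLIENT, SERVER))
```

With these sample values the only TLS 1.3 suite the client offers is the one the server loses to truncation, so the connection lands on TLS 1.2 without any error. Listing the TLS 1.3 suites first in a long value keeps them inside the limit.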

TLS 1.3 and 1.2 Cipher Suites Supported by TimesTen

The following table lists the supported cipher suites (including the SSL-named cipher suites) and the authentication, encryption, and data integrity algorithm each uses. The last two columns indicate if the cipher suite is valid for the ECC or the RSA public key algorithm. Ensure that you choose a cipher suite that is valid for the key (ECC or RSA) that was used to sign the certificates.

Table 4-1 TLS 1.3 Cipher Suites

| Cipher Suite | Authentication | Encryption | Data Integrity | Valid for ECC? | Valid for RSA? |
|---|---|---|---|---|---|
| TLS_AES_128_CCM_SHA256 | ECDHE_RSA, DHE_RSA, ECDHE_ECDSA | AES 128 CCM | SHA256 (SHA-2) | Yes | Yes |
| TLS_AES_128_GCM_SHA256 | ECDHE_RSA, DHE_RSA, ECDHE_ECDSA | AES 128 GCM | SHA256 (SHA-2) | Yes | Yes |
| TLS_AES_256_GCM_SHA384 | ECDHE_RSA, DHE_RSA, ECDHE_ECDSA | AES 256 GCM | SHA384 (SHA-2) | Yes | Yes |
| TLS_CHACHA20_POLY1305_SHA256 (non-FIPS only) | ECDHE_RSA, DHE_RSA, ECDHE_ECDSA | CHACHA20 POLY1305 | SHA256 (SHA-2) | Yes | Yes |

Note:

TLS_AES_256_GCM_SHA384 is the strongest cipher suite.

Table 4-2 TLS 1.2 Cipher Suites

| Cipher Suite | Authentication | Encryption | Data Integrity | Valid for ECC? | Valid for RSA? |
|---|---|---|---|---|---|
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | DHE_RSA | AES 128 GCM | SHA256 (SHA-2) | No | Yes |
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | DHE_RSA | AES 256 GCM | SHA384 (SHA-2) | No | Yes |
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | ECDHE_ECDSA | AES 128 GCM | SHA256 (SHA-2) | Yes | No |
| TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | ECDHE_ECDSA | AES 256 GCM | SHA384 (SHA-2) | Yes | No |
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | ECDHE_RSA | AES 128 GCM | SHA256 (SHA-2) | No | Yes |
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | ECDHE_RSA | AES 256 GCM | SHA384 (SHA-2) | No | Yes |

Note:

You can use the SSL prefix rather than TLS for the supported cipher suites for cross release client/server configurations or backward compatibility. For example, you can specify either TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 or SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384.