TLS DHE ciphersuites
E719310
TLS DHE ciphersuites are Transport Layer Security cipher suites that use ephemeral finite-field Diffie–Hellman key exchange to provide forward secrecy between communicating parties.
All labels observed (1)
| Label | Occurrences |
|---|---|
| TLS DHE ciphersuites canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T8202875 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: TLS DHE ciphersuites Context triple: [Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS), relatedTo, TLS DHE ciphersuites]
-
A.
TLS 1.2
TLS 1.2 is a widely deployed version of the Transport Layer Security protocol that provides encrypted and authenticated communication over computer networks.
-
B.
DTLS
DTLS (Datagram Transport Layer Security) is a protocol that provides TLS-like encryption, integrity, and authentication for datagram-based communications such as UDP.
-
C.
DNS over DTLS
DNS over DTLS is a protocol that secures DNS queries using Datagram Transport Layer Security over UDP, providing encryption and integrity while preserving DNS’s low-latency, connectionless nature.
-
D.
DTLS-SRTP
DTLS-SRTP is a security protocol framework that uses Datagram Transport Layer Security to negotiate keys and provide encryption and authentication for Secure Real-time Transport Protocol media streams, commonly used in VoIP and WebRTC.
-
E.
TLS
TLS (Transport Layer Security) is a cryptographic protocol that secures data transmitted over networks by providing encryption, authentication, and integrity between communicating applications.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: TLS DHE ciphersuites Target entity description: TLS DHE ciphersuites are Transport Layer Security cipher suites that use ephemeral finite-field Diffie–Hellman key exchange to provide forward secrecy between communicating parties.
-
A.
TLS 1.2
TLS 1.2 is a widely deployed version of the Transport Layer Security protocol that provides encrypted and authenticated communication over computer networks.
-
B.
DTLS
DTLS (Datagram Transport Layer Security) is a protocol that provides TLS-like encryption, integrity, and authentication for datagram-based communications such as UDP.
-
C.
DNS over DTLS
DNS over DTLS is a protocol that secures DNS queries using Datagram Transport Layer Security over UDP, providing encryption and integrity while preserving DNS’s low-latency, connectionless nature.
-
D.
DTLS-SRTP
DTLS-SRTP is a security protocol framework that uses Datagram Transport Layer Security to negotiate keys and provide encryption and authentication for Secure Real-time Transport Protocol media streams, commonly used in VoIP and WebRTC.
-
E.
TLS
TLS (Transport Layer Security) is a cryptographic protocol that secures data transmitted over networks by providing encryption, authentication, and integrity between communicating applications.
- F. None of above. chosen
Statements (49)
| Predicate | Object |
|---|---|
| instanceOf |
TLS cipher suite family
ⓘ
cryptographic protocol component ⓘ |
| canBeConfiguredWith | server-preferred cipher suite ordering ⓘ |
| canUseAuthenticationAlgorithm |
DSA
NERFINISHED
ⓘ
ECDSA NERFINISHED ⓘ RSA NERFINISHED ⓘ |
| canUseGroupType |
IETF standardized finite-field DH groups
ⓘ
custom finite-field DH groups ⓘ |
| cipherSuiteNamePrefix | TLS_DHE_ ⓘ |
| contrastsWith |
TLS ECDHE ciphersuites
NERFINISHED
ⓘ
TLS RSA key exchange ciphersuites ⓘ |
| definedIn |
TLS 1.0 specification
NERFINISHED
ⓘ
TLS 1.1 specification NERFINISHED ⓘ TLS 1.2 specification ⓘ |
| deprecatedStatus | discouraged in many modern configurations in favor of ECDHE ⓘ |
| exampleCipherSuite |
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
ⓘ
TLS_DHE_DSS_WITH_AES_256_CBC_SHA ⓘ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ⓘ TLS_DHE_RSA_WITH_AES_128_CBC_SHA ⓘ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 ⓘ TLS_DHE_RSA_WITH_AES_256_CBC_SHA ⓘ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ⓘ |
| hasPerformanceCharacteristic | slower than ECDHE at comparable security levels ⓘ |
| hasSecurityProperty | protects past sessions if server private key is compromised ⓘ |
| keyExchangeGroupType | finite-field Diffie–Hellman group ⓘ |
| keyExchangeType | ephemeral ⓘ |
| mayBeDisabledFor |
compatibility with TLS 1.3-only configurations
ⓘ
performance reasons ⓘ |
| negotiatedDuring | TLS handshake ⓘ |
| notDefinedIn | TLS 1.3 specification NERFINISHED ⓘ |
| providesProperty | forward secrecy ⓘ |
| recommendedKeySize | at least 2048-bit DH modulus for modern security ⓘ |
| relatedAttack | Logjam attack NERFINISHED ⓘ |
| requiresClientCapability | support for ephemeral finite-field Diffie–Hellman ⓘ |
| requiresParameter | Diffie–Hellman group parameters (p,g) ⓘ |
| requiresServerCapability | support for ephemeral finite-field Diffie–Hellman ⓘ |
| securityDependsOn | discrete logarithm problem hardness in chosen finite field ⓘ |
| stillUsedIn |
some TLS 1.1 deployments
ⓘ
some TLS 1.2 deployments ⓘ some legacy TLS 1.0 deployments ⓘ |
| usedInProtocol |
Datagram Transport Layer Security (DTLS)
NERFINISHED
ⓘ
Transport Layer Security (TLS) NERFINISHED ⓘ |
| usesAuthentication | certificate-based authentication ⓘ |
| usesForConfidentiality | symmetric encryption algorithms negotiated in the cipher suite ⓘ |
| usesForIntegrity | message authentication codes or AEAD modes negotiated in the cipher suite ⓘ |
| usesKeyExchangeAlgorithm | ephemeral Diffie–Hellman over finite fields (DHE) NERFINISHED ⓘ |
| usesOperation | modular exponentiation ⓘ |
| vulnerableIf |
Diffie–Hellman parameters are reused insecurely
ⓘ
weak or small Diffie–Hellman groups are used ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: TLS DHE ciphersuites Description of subject: TLS DHE ciphersuites are Transport Layer Security cipher suites that use ephemeral finite-field Diffie–Hellman key exchange to provide forward secrecy between communicating parties.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.