Lightboard Lessons: Perfect Forward Secrecy
I did promise not to ask more questions, but I will appreciate it if you can answer some more, sorry...
I found this kind of info about ECDHE-RSA:
ECDHE suites use elliptic curve Diffie-Hellman key exchange, where DHE suites use normal Diffie-Hellman. This exchange is signed with RSA, in the same way in both cases.
The main advantage of ECDHE is that it is significantly faster than DHE.
And I am not sure what exactly that means. In the case of DH, the key exchange is based on a prime number, modulo and random number. So does the EC part above mean that instead of this method, an elliptic curve is used in the process that leads to generating the pre-master and master key?
Considering the RSA part - does that mean that the value sent by the server is signed by the server using its X509 private key, so the client using the server certificate can verify that it was not altered on the way (MiM case)?
The last one is about the easiest way to match the naming convention used by BIG-IP (tmm --clientciphers DEFAULT) to the one used by Wireshark.
Let's say in Wireshark I can see TLS_RSA_WITH_AES_256_CBC_SHA (0x0035), and on BIG-IP I have a list of ciphers. My guess is that the matching entry is:
35: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
but am I right?
The convention looks a bit different, so what would be a way to be sure that one matches the other?
Piotr
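
Added example (not part of the original post and not F5 code): one way to match a Wireshark cipher suite to a row of the tmm listing is by its numeric ID rather than by name. It assumes the second column of the tmm output is the suite's ID in decimal, the same value Wireshark prints in hex; the second listing row below is a constructed sample.

```python
import re

# Wireshark prints a suite as "NAME (0xHHHH)".
WIRESHARK_RE = re.compile(r"^\s*(TLS_\w+)\s+\(0x([0-9A-Fa-f]{4})\)\s*$")
# A tmm listing row: "index: id name bits protocol ..." (column meaning is an assumption).
TMM_RE = re.compile(r"^\s*(\d+):\s+(\d+)\s+(\S+)\s+.*$")

# First row is the line quoted in the post; the second row is constructed for the example.
TMM_LISTING = """\
35: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
36: 53 AES256-SHA 256 TLS1 Native AES SHA RSA
"""


def wireshark_id(text):
    """Return the numeric suite ID from a Wireshark 'NAME (0xHHHH)' string."""
    m = WIRESHARK_RE.match(text)
    if not m:
        raise ValueError("not a Wireshark cipher suite string: %r" % text)
    return int(m.group(2), 16)


def parse_tmm(listing):
    """Map decimal suite ID -> (row index, BIG-IP suite name) for each listing row."""
    rows = {}
    for line in listing.splitlines():
        m = TMM_RE.match(line)
        if m:  # header or blank lines simply do not match
            rows[int(m.group(2))] = (int(m.group(1)), m.group(3))
    return rows


def find_match(wireshark_text, listing):
    """Return the (index, name) row whose ID equals the Wireshark ID, or None."""
    return parse_tmm(listing).get(wireshark_id(wireshark_text))


if __name__ == "__main__":
    seen = "TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)"
    print("Wireshark ID: %d (0x%04X)" % (wireshark_id(seen), wireshark_id(seen)))
    for suite_id, (index, name) in sorted(parse_tmm(TMM_LISTING).items()):
        print("row %d: %s = %d (0x%04X)" % (index, name, suite_id, suite_id))
    print("match:", find_match(seen, TMM_LISTING))
```

The number before the colon in each row is only the position in the list, so the comparison uses the second column.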