Oracle Advanced Security Cipher Suites - Oracle Database B10772-01 Administrator's Manual

Enabling SSL
Table 7–1
Advanced Security. These cipher suites are set by default when you install Oracle
Advanced Security. This table also lists the authentication, encryption, and data
integrity types each cipher suite uses.
Table 7–1

Oracle Advanced Security Cipher Suites

Cipher Suites
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_DES_CBC_SHA
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
SSL_DH_anon_WITH_RC4_128_MD5
SSL_DH_anon_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_AES_256_CBC_SHA
1
AES ciphers work with Transport Layer Security (TLS 1.0) only
7-18 Oracle Database Advanced Security Administrator's Guide
Prioritize cipher suites starting with the strongest and moving to the weakest to
ensure the highest level of security possible.
If you set a cipher suite employing Diffie-Hellman
Note:
anonymous authentication on the server, then you must also set the
same cipher suite on the client. Otherwise, the connection fails.
If you use a cipher suite employing Diffie-Hellman anonymous,
then you must set the SSL_CLIENT_AUTHENTICATION parameter
to FALSE. See: "Step 5: Set SSL Client Authentication on the Server
(Optional)" on page 7-21.
lists the SSL cipher suites supported in the current release of Oracle
1
1
Authentication Encryption
RSA 3DES EDE CBC
RSA RC4 128
RSA RC4 128
RSA DES CBC
DH anon 3DES EDE CBC
DH anon RC4 128
DH anon DES CBC
RSA RC4 40
RSA DES40 CBC
RSA AES 128 CBC
RSA AES 256 CBC
Data Integrity
SHA-1
SHA-1
MD5
SHA-1
SHA-1
MD5
SHA-1
MD5
SHA-1
SHA-1
SHA-1