This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 85%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi All,
We have a doubt on how to identify the strong and weak ciphers from below:
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Can anyone help me identify?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 16%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHX%3C/text%3E%3C/svg%3E)
Hello @Fahrid F ,
We are checking in to see if the provided information was helpful. If the reply is helpful, we would appreciate you to accept it as answer.
Please let us know if you would like further assistance. Thanks.
Best Regards,
Hannah Xiong
Hello @Fahrid F ,
Does this question have any update or has this issue been solved? Also, for the question, is there any other assistance we could provide?
Besides, there is email notifications function on this forum. It is suggested that we could set it up so that we could receive prompts for responses in time.
https://learn.microsoft.com/en-us/answers/articles/67444/email-notifications.html
Thank you so much for your time and support.
Best regards,
Hannah Xiong
First cipher is a bit more secure since it uses GCM (Galois/Counter Mode) mode which is new to TLS 1.2 and is not vulnerable to BEAST attack (other two that use CBC mode may be vulnerable to this specific attack).
Hello,
Thank you so much for posting here.
Have we checked the provided information? Hope it will be helpful to you.
For Windows 10, version 1607 and Windows Server 2016, the following cipher suites are enabled and in this priority order by default using the Microsoft Schannel Provider as shown below.
We could see that TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 has the higher priority order, which is more secure and strong. Below are the information we would like to share with you. Hope they could be helpful to you.
https://learn.microsoft.com/en-us/windows/win32/secauthn/cipher-suites-in-schannel
https://learn.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-10-v1607
For any question, please feel free to contact us.
Best regards,
Hannah Xiong
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.