Microsoft Download Cipher Suites
Tequila Trueluck
A cipher suite is a set of cryptographic algorithms. The schannel SSP implementation of the TLS/SSL protocols use algorithms from a cipher suite to create keys and encrypt information. A cipher suite specifies one algorithm for each of the following tasks:
Different Windows versions support different TLS cipher suites and priority order. See the corresponding Windows version for the default order in which they are chosen by the Microsoft Schannel Provider.
Prior to Windows 10, cipher suite strings were appended with the elliptic curve to determine the curve priority. Windows 10 supports an elliptic curve priority order setting so the elliptic curve suffix is not required and is overridden by the new elliptic curve priority order, when provided, to allow organizations to use group policy to configure different versions of Windows with the same cipher suites.
Different Windows versions support different TLS cipher suites and priority order. See Cipher Suites in TLS/SSL (Schannel SSP) for the default order supported by the Microsoft Schannel Provider in different Windows versions.
Beginning with Windows 10 & Windows Server 2016, ECC curve order can be configured independent of the cipher suite order. If the TLS cipher suite order list has elliptic curve suffixes, they will be overridden by the new elliptic curve priority order, when enabled. This allow organizations to use a Group Policy object to configure different versions of Windows with the same cipher suites order.
This article describes an update in which new TLS cipher suites are added and cipher suite default priorities are changed in Windows RT 8.1, Windows 8.1, Windows Server 2012 R2, Windows 7, or Windows Server 2008 R2. These new cipher suites improve compatibility with servers that support a limited set of cipher suites.
Note This is changing the default priority list for the cipher suites. If you have deployed a Group Policy in your environment that has an updated cipher suite priority ordering, this update won't affect those computers where the Group Policy is deployed.
Using Group Policy as described here is the supported method of updating the cipher suite priority ordering. Updating the registry settings for the default priority ordering isn't supported. If you change these registry settings, this update will reset them to the default settings.
To provide best-in-class encryption, Office 365 regularly reviews supported encryption standards. Sometimes, old standards are deprecated as they become out of date and less secure. This article describes currently supported cipher suites and other standards and details about planned deprecations.
All cipher suites supported by Office 365 use algorithms acceptable under FIPS 140-2. Office 365 inherits FIPS validations from Windows (through Schannel). For information about Schannel, see Cipher Suites in TLS/SSL (Schannel SSP).
To maintain a secure connection to Office 365 and Microsoft 365 services, all client-server and browser-server combinations use TLS 1.2 and modern cipher suites. You might have to update certain client-server and browser-server combinations. For information about how this change impacts you, see Preparing for the mandatory use of TLS 1.2 in Office 365.
Since October 31, 2018, Microsoft 365 no longer supports the use of 3DES cipher suites for communication to Microsoft 365. More specifically, Microsoft 365 no longer supports the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher suite. Since February 28, 2019, this cipher suite has been disabled in Microsoft 365. Clients and servers that communicate with Microsoft 365 must support one or more of the supported ciphers. For a list of supported ciphers, see TLS cipher suites supported by Microsoft 365.
TLS uses cipher suites, collections of encryption algorithms, to establish secure connections. Microsoft 365 supports the cipher suites listed in the following table. The table lists the cipher suites in order of strength, with the strongest cipher suite listed first.
Microsoft 365 responds to a connection request by first attempting to connect using the most secure cipher suite. If the connection doesn't work, Microsoft 365 tries the second most secure cipher suite in the list, and so on. The service continues down the list until the connection is accepted. Likewise, when Microsoft 365 requests a connection, the receiving service chooses whether to use TLS and which cipher suite to use.
The following cipher suites supported TLS 1.0 and 1.1 protocols until their deprecation date. For GCC High and DoD environments that deprecation date was January 15, 2020. For Worldwide and GCC environments that date was October 15, 2020.
Certain Office 365 products (including Microsoft Teams) use Azure Front Door to terminate TLS connections and route network traffic efficiently. At least one of the cipher suites supported by Azure Front Door over TLS 1.2 must be enabled to successfully connect to these products. For Windows 10 and above, we recommend enabling one or both of the ECDHE cipher suites for better security. Windows 7, 8, and 8.1 aren't compatible with Azure Front Door's ECDHE cipher suites and the DHE cipher suites have been provided for compatibility with those operating systems.
A cipher suite is a set of cryptographic algorithms. This is used to encrypt messages between clients/servers and other servers. Dataverse is using the latest TLS 1.2 cipher suites as approved by Microsoft Crypto Board.
From a previous announcement on the Minimum TLS Cipher Suite (preview), the feature only supported the configuration through the API. The good news is that now users can configure the minimum TLS cipher suite for incoming requests through the Azure portal! This feature is currently only supported on Premium SKUs and above on multi-tenant App Service. This article will go through what cipher suites are and how they work on App Service, the minimum TLS cipher suite experience on Azure portal, and more information about an upcoming change that will happen before General Availability (GA).
A right pane will pop up and will show you the list of TLS cipher suites that are currently supported by our front-ends and information on what TLS cipher suites are enabled/disabled for the web app. For the default experience, all TLS cipher suites will be enabled for the web app.
To deploy your own cipher suite ordering for Schannel in Windows, you must prioritize cipher suites that are compatible with HTTP/2 by listing these first. Cipher suites that are on the HTTP/2 (RFC 7540) block list must appear at the bottom of your list. For example:
If the cipher suites that are on the block list are listed toward the top of your list, HTTP/2 clients and browsers may be unable to negotiate any HTTP/2-compatible cipher suite. This results in a failure to use the protocol.
The default ordering in Windows Server 2016 is compatible with HTTP/2 cipher suite preference. Additionally, this ordering is good beyond HTTP/2, as it favors cipher suites that have the strongest security characteristics. Therefore, the default ordering makes sure that HTTP/2 on Windows Server 2016 won't have any cipher suite negotiation issues with browsers and clients.
FIPS-compliance has become more complex with the addition of elliptic curves making the FIPS mode enabled column in previous versions of this table misleading. For example, a cipher suite such as TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 is only FIPS-compliant when using NIST elliptic curves. To find out which combinations of elliptic curves and cipher suites will be enabled in FIPS mode, see section 3.3.1 of Guidelines for the Selection, Configuration, and Use of TLS Implementations.
Every version of Windows has a different cipher suite order. Depending on what Windows Updates the server has applied, the order can be different even with the same version of Windows. These were gathered from fully updated operating systems.
Cipher suites can only be negotiated for TLS versions which support them. The highest supported TLS version is always preferred in the TLS handshake. For example, SSL_CK_RC4_128_WITH_MD5 can only be used when both the client and server do not support TLS 1.2, 1.1 & 1.0 or SSL 3.0 since it is only supported with SSL 2.0.
Windows 8.1 and Windows Server 2012 R2 are updated by Windows Update by the update 2919355 applied which adds the new cipher suites and changes the priority order. The following cipher suites are enabled and in this priority order by default by the Microsoft Schannel Provider:
To add cipher suites, use the group policy setting SSL Cipher Suite Order under Computer Configuration > Administrative Templates > Network > SSL Configuration Settings to configure a priority list for all cipher suites you want enabled.
The first time a client connects to a server through the SChannel SSP, a full TLS/SSL handshake is performed. When this is complete, the master secret, cipher suite, and certificates are stored in the session cache on the respective client and server.
The remote host supports the use of SSL ciphers that offer medium strength encryption. Generally we regard medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.
Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.