Loading TLS Cipher Suite Decoder...
Decode a TLS cipher suite code or IANA name into its key exchange, authentication, cipher and MAC, with security notes. Runs entirely in your browser.
A TLS cipher suite is the bundle of algorithms a client and server agree on for a connection. Each suite has a two-byte code, like 0xC02F, and a long IANA name, like TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, that packs four choices into one string. This tool turns either form into a clear breakdown, so when you see a suite in a packet capture, a scan report or a server config, you can tell at a glance how strong it is.
Input:
0xc02f
Output:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - ECDHE / RSA / AES-128-GCM, forward secrecy
What input formats are accepted?
A hex code in forms like 0xc02f, c02f or c0 2f, or a full IANA suite name starting with TLS_. Names are matched back to their code.
Does it cover every suite?
It covers the common TLS 1.2 and TLS 1.3 suites you meet in practice, plus notable legacy and weak ones. Rare or experimental codes may not be listed.
What does forward secrecy mean here?
Suites using ECDHE or DHE, and all TLS 1.3 suites, give forward secrecy, so a stolen long-term key cannot decrypt past sessions. Static RSA key exchange does not.
Does anything get uploaded?
No. The lookup and parsing happen entirely in your browser.
Decode a TLS cipher suite code (0xc02f) or IANA name into its key exchange, authentication, cipher and MAC, with security notes.