TLS_AES_128_CCM_8_SHA256
TLS 1.3 | 128-bit (64-bit auth) Not Recommended
Cipher Suite Details
TLS_AES_128_CCM_8_SHA2560x13054869What is TLS_AES_128_CCM_8_SHA256?
TLS_AES_128_CCM_8_SHA256 is a variant of CCM with an 8-byte authentication tag (instead of 16-byte), reducing overhead by 8 bytes per record. This is particularly valuable for bandwidth-constrained IoT devices transmitting small packets. The shorter tag provides 64-bit authentication strength instead of 128-bit, which is acceptable for many IoT use cases but not for high-security applications. CCM_8 is standardized in RFC 6655 and is used in Bluetooth LE and other low-power wireless protocols. Browser and server support is minimal, limited to specialized IoT gateways.
Role in JA3 Fingerprinting
The TLS_AES_128_CCM_8_SHA256 cipher suite is part of the TLS Client Hello that JA3 analyzes. Cipher suite order and selection are key indicators of browser type and version.
JA3 Format: TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS
Different browsers prioritize different cipher suites (Chrome prefers ChaCha20 on mobile, Firefox prioritizes AES-GCM, etc.), making cipher suite ordering a reliable fingerprint.
Test Your Cipher Suites
See which cipher suites your browser advertises, including TLS_AES_128_CCM_8_SHA256.