TLS_AES_128_CCM_SHA256
TLS 1.3 | 128-bit Not Recommended
Cipher Suite Details
TLS_AES_128_CCM_SHA2560x13044868What is TLS_AES_128_CCM_SHA256?
TLS_AES_128_CCM_SHA256 uses AES-128 in CCM (Counter with CBC-MAC) mode. CCM is an alternative AEAD mode to GCM, designed for resource-constrained devices like IoT sensors and embedded systems. CCM requires less memory and simpler hardware compared to GCM but is not parallelizable, making it slower on multi-core processors. CCM is defined in RFC 3610 and is widely used in wireless sensor networks (IEEE 802.15.4, Zigbee, Bluetooth LE). TLS 1.3 includes CCM for IoT compatibility, but it is rarely used in standard web browsers and servers.
Role in JA3 Fingerprinting
The TLS_AES_128_CCM_SHA256 cipher suite is part of the TLS Client Hello that JA3 analyzes. Cipher suite order and selection are key indicators of browser type and version.
JA3 Format: TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS
Different browsers prioritize different cipher suites (Chrome prefers ChaCha20 on mobile, Firefox prioritizes AES-GCM, etc.), making cipher suite ordering a reliable fingerprint.
Test Your Cipher Suites
See which cipher suites your browser advertises, including TLS_AES_128_CCM_SHA256.