Why does the AES cipher suite get higher priority than ECDH in TLS cipher negotiation?


I observed network traffic (using Wireshark) when making an HTTPS connection, and noticed that in the CLIENT HELLO step, the AES cipher negotiation algorithm

Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)

gets higher precedence than the ECDH cipher negotiation algorithm

Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)

As per my understanding, the session key (shared secret) generated in the case of AES will be encrypted with the web server's public key (on the web browser side) and passed to the web server, which can be compromised by an eavesdropper who sniffs the packet, uses the web server's public key, and provides his/her own shared secret.

But the session key (shared secret) in the case of ECDH is generated by a mathematical function, and the same key is derived at both ends (web server and web browser) without an actual exchange of the key.

If that is the case, the ECDH type of cipher suite should have higher priority than the AES type of cipher suite.

Educate me in case I misinterpreted something here.

Note: I noticed that almost every time, the web server negotiated the ECDH algorithm.


There are 0 answers
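An added example, not part of the question or of any answer: a small Python check that decodes the cipher_suites vector of a TLS ClientHello (a constructed body using the suite IDs listed in the question, plus one RSA-key-transport suite for contrast) and reports the key exchange each suite implies. The registry excerpt is taken from the IANA TLS Cipher Suite Registry; the 0x13xx suites are TLS 1.3 suites, whose names list only the AEAD and hash because TLS 1.3 negotiates the key exchange separately (key_share / psk_key_exchange_modes extensions) and it is ephemeral (EC)DHE in every non-PSK handshake.

```python
import struct

# Excerpt of the IANA TLS Cipher Suite Registry: id -> (name, TLS version, key exchange).
# TLS 1.3 suites carry no key-exchange part in the name: the key exchange is chosen by
# the key_share / psk_key_exchange_modes extensions and is ephemeral (EC)DHE whenever
# a key_share is used, so these suites do not imply RSA key transport.
SUITES = {
    0x1301: ("TLS_AES_128_GCM_SHA256", "1.3", "(EC)DHE via key_share"),
    0x1302: ("TLS_AES_256_GCM_SHA384", "1.3", "(EC)DHE via key_share"),
    0xC02B: ("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "1.2", "ECDHE"),
    0xC02F: ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "1.2", "ECDHE"),
    0xC02C: ("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "1.2", "ECDHE"),
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", "1.2", "RSA key transport"),
}

def parse_cipher_suites(hello_body: bytes) -> list:
    """Walk a ClientHello body (RFC 5246 section 7.4.1.2 layout) up to cipher_suites."""
    off = 2 + 32                                   # legacy_version + random
    sid_len = hello_body[off]
    off += 1 + sid_len                             # session_id<0..32>
    (cs_len,) = struct.unpack_from("!H", hello_body, off)
    off += 2
    if cs_len % 2 or off + cs_len > len(hello_body):
        raise ValueError("malformed cipher_suites vector")
    return [struct.unpack_from("!H", hello_body, off + i)[0] for i in range(0, cs_len, 2)]

def audit(hello_body: bytes) -> list:
    """Classify each offered suite by the key exchange it implies; unknown ids are flagged."""
    rows = []
    for cs in parse_cipher_suites(hello_body):
        name, ver, kx = SUITES.get(cs, ("UNKNOWN_0x%04X" % cs, "?", "?"))
        # Ephemeral (EC)DHE gives forward secrecy; RSA key transport does not.
        rows.append({"id": cs, "name": name, "version": ver, "kx": kx,
                     "forward_secret": "DHE" in kx})
    return rows

# Constructed ClientHello body: version 0x0303, all-zero random, empty session id,
# the suites in the order shown in the question plus TLS_RSA_WITH_AES_128_CBC_SHA,
# then compression_methods = [null].
HELLO = (b"\x03\x03" + b"\x00" * 32 + b"\x00"
         + b"\x00\x0c" + b"\x13\x01\x13\x02\xc0\x2b\xc0\x2f\xc0\x2c\x00\x2f"
         + b"\x01\x00")

if __name__ == "__main__":
    for row in audit(HELLO):
        print(f"0x{row['id']:04x} {row['name']:<45} TLS {row['version']} "
              f"{row['kx']:<22} forward_secret={row['forward_secret']}")
```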