Created
March 10, 2018 15:29
-
-
Save cyrex562/20983f4ef66b02e0bb861fb2aca077f1 to your computer and use it in GitHub Desktop.
Diffie-Hellman Groups
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Diffie-Hellman group 1 - 768 bit modulus - AVOID | |
| Diffie-Hellman group 2 - 1024 bit modulus - AVOID | |
| Diffie-Hellman group 5 - 1536 bit modulus - AVOID | |
| Diffie-Hellman group 14 - 2048 bit modulus – MINIMUM ACCEPTABLE | |
| Diffie-Hellman group 19 - 256 bit elliptic curve – ACCEPTABLE | |
| Diffie-Hellman group 20 - 384 bit elliptic curve – Next Generation Encryption | |
| Diffie-Hellman group 21 - 521 bit elliptic curve – Next Generation Encryption | |
| Diffie-Hellman group 24 - modular exponentiation group with a 2048-bit modulus and 256-bit prime order subgroup – Next Generation Encryption | |
| Algorithms marked as AVOID do not provide an adequate security level against modern threats and should not be used to protect sensitive information. It is recommended that these algorithms be replaced with stronger algorithms. | |
| Next Generation Encryption (NGE) is expected to meet the security and scalability requirements of the next two decades. | |
| If you are using encryption or authentication algorithms with a 128-bit key, use Diffie-Hellman groups 5, 14, 19, 20 or 24. If you are using encryption or authentication algorithms with a 256-bit key or higher, use Diffie-Hellman group 21 or 24. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment