[openssl-users] What key length is used for DHE by default ?
Matt Caswell
matt at openssl.org
Fri May 22 10:17:21 UTC 2015
On 22/05/15 11:11, Nayna Jain wrote:
> Hi,
>
> With the latest Logjam attack, as I was trying to verify whether my server
> (lighttpd) accepts DHE_xxx ciphers, I saw that it accepted them, and I
> hadn't done any configuration of DH parameters explicitly.
>
> But I couldn't verify what key length it used by default:
> 512/1024/2048?
>
> E.g. the one it negotiated was DHE-RSA-AES128-SHA256, for the TLSv1.2
> protocol.
>
> Will the key length be different for different protocols like
> SSLv3/TLSv1.0/TLSv1.1/TLSv1.2? If yes, then what is it for each of them?
How that is configured depends on the application that is using OpenSSL.
A quick Google search throws up this:
http://redmine.lighttpd.net/projects/1/wiki/docs_ssl
'Diffie-Hellman and Elliptic-Curve Diffie-Hellman parameters
Diffie-Hellman and Elliptic-Curve Diffie-Hellman key agreement protocols
will be supported in lighttpd 1.4.29. By default, Diffie-Hellman and
Elliptic-Curve Diffie-Hellman key agreement protocols use, respectively,
the 1024-bit MODP Group with 160-bit prime order subgroup from RFC 5114
and "prime256v1" (also known as "secp256r1") elliptic curve from RFC
4492. The Elliptic-Curve Diffie-Hellman key agreement protocol is
supported in OpenSSL from 0.9.8f version onwards. For maximum
interoperability, OpenSSL only supports the "named curves" from RFC 4492.
Using the ssl.dh-file and ssl.ec-curve configuration variables, you can
define your own set of Diffie-Hellman domain parameters. For example:
ssl.dh-file = "/etc/lighttpd/ssl/dh2048.pem"
ssl.ec-curve = "secp384r1"'
Matt