[openssl-users] Default key length of DH/DHE/ECDH/ECDHE

Jakob Bohm jb-openssl at wisemo.com
Mon Jul 24 12:16:45 UTC 2017

On 24/07/2017 13:35, SaAtomic wrote:
> I'm not sure if this question is more suitable for the OpenVPN or the 
> OpenSSl users list.
> OpenSSL as the ssl/tls library for OpenVPN offers DH with and without 
> ephemeral keys as well as with or without elliptic curves.
> With OpenVPN 2.4.0 and OpenSSL 1.0.2l only ECDHE and DHE are 
> available, but I do not have the option to define a key length,
> so I assume OpenSSL's default key length will be used.
> What is the default key length of OpenSSL for DH, DHE, ECDH and ECDHE?
For DHE, the key size is set by the group parameters, for
which there is no default other than what the application
(in this case OpenVPN) sets.


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list