Forum Discussion

rafaelbn's avatar
rafaelbn
Icon for Cirrostratus rankCirrostratus
Dec 06, 2020

Diffie-Hellman "p" length 1024/2048 bits

Hey folks! Spoiler: very tricky question ahead!   On diffie-hellman negotiation (TLSv1.2 and TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 cipher-suite to be more specific), the length of p (aka the size 1...
  • jaikumar_f5's avatar
    Dec 07, 2020

    When it comes to handshake, the ciphers alone play role in negotiation. The certificate has no play here.

    The DHE suites are 1024 alone in F5, if you had seen a 2048 bit, It should have been ECDHE.

     

    Can you put a logging rule to confirm if it indeed was DHE suite and not ECDHE ?