Forum Discussion

refra_151287's avatar
Jan 24, 2017

SSL: Restrict Key Exchange Length

Hi, any idea how to restrict Key exchange protocols that are based on DHE or RSA protocols with keys not less than 2048-bits in length?


4 Replies

  • The Cipher string in your SSL profile. You'll have to change the dropdown to "Advanced" to see it, and it is set to "DEFAULT" unless you modify it. You can get the cipher suites available in DEFAULT with the following command:

    tmm --clientciphers 'DEFAULT'

    Fro there you can include or exclude whatever you want.

  • Unfortunately you can't - F5 only supports 1024 bits for DHE. In real-life terms this should be enough (unless the Russians are after you), however if scans are complaining then you'll need to disable DHE ciphers and use only ECDHE instead.


    • refra_151287's avatar
      Icon for Cirrus rankCirrus

      Thanks a lot, how can I know the key length for the other algorithms?


    • IheartF5_45022's avatar
      Icon for Nacreous rankNacreous

      DHE (Diffie-Hellman Ephemeral) key exchange uses prime numbers. The number of bits (which is what we are talking about above) used refers to the length of the prime numbers used within the exchange, not to the key itself. A 1024b prime is considered breakable by a nation-state, so you will get pinged by most vulnetability scanners if you are using this - 2048b for DHE however is not considered breakable.


      ECDHE (Elliptic Curve DHE) is a variant of DHE using elliptic curve cryptography. It uses only 128b however is not considered breakable. So in other words - you shouldn't worry (and scans won't either) about the 'key' length if you only have ECDHE ciphers enabled.