Forum Discussion

refra_151287's avatar
refra_151287
Icon for Cirrus rankCirrus
Jan 24, 2017

SSL: Restrict Key Exchange Length

Hi, any idea how to restrict Key exchange protocols that are based on DHE or RSA protocols with keys not less than 2048-bits in length?  
application delivery
BIG-IP
LTM
IheartF5_45022's avatar
IheartF5_45022
Icon for Nacreous rankNacreous
Jan 24, 2017

Unfortunately you can't - F5 only supports 1024 bits for DHE. In real-life terms this should be enough (unless the Russians are after you), however if scans are complaining then you'll need to disable DHE ciphers and use only ECDHE instead.

 

  • refra_151287's avatar
    refra_151287
    Icon for Cirrus rankCirrus
    Jan 26, 2017

    Thanks a lot, how can I know the key length for the other algorithms?

     

  • IheartF5_45022's avatar
    IheartF5_45022
    Icon for Nacreous rankNacreous
    Jan 27, 2017

    DHE (Diffie-Hellman Ephemeral) key exchange uses prime numbers. The number of bits (which is what we are talking about above) used refers to the length of the prime numbers used within the exchange, not to the key itself. A 1024b prime is considered breakable by a nation-state, so you will get pinged by most vulnetability scanners if you are using this - 2048b for DHE however is not considered breakable.

     

    ECDHE (Elliptic Curve DHE) is a variant of DHE using elliptic curve cryptography. It uses only 128b however is not considered breakable. So in other words - you shouldn't worry (and scans won't either) about the 'key' length if you only have ECDHE ciphers enabled.