Diffie-Hellman "p" length 1024/2048 bits

rafaelbn · ‎06-Dec-2020

Hey folks! Spoiler: very tricky question ahead!

On diffie-hellman negotiation (TLSv1.2 and TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 cipher-suite to be more specific), the length of p (aka the size 1024/2048 bits) is dependent of just configuration or could the certificate issued influece it?

I ask this because I have two VS that share the same cipher-suites on the client-ssl profile but negotiate different sizes: one is 1024 and the other is 2048. And I read this K82014843 that BIG-IP is not supposed to use 2048 (as in it's not implemented) and to my surprised I'm getting 2048bits DH on my tests.

Any tips for me?

Thanks!

jaikumar_f5 · ‎07-Dec-2020

When it comes to handshake, the ciphers alone play role in negotiation. The certificate has no play here.

The DHE suites are 1024 alone in F5, if you had seen a 2048 bit, It should have been ECDHE.

Can you put a logging rule to confirm if it indeed was DHE suite and not ECDHE ?

View solution in original post

jaikumar_f5 · ‎07-Dec-2020

When it comes to handshake, the ciphers alone play role in negotiation. The certificate has no play here.

The DHE suites are 1024 alone in F5, if you had seen a 2048 bit, It should have been ECDHE.

Can you put a logging rule to confirm if it indeed was DHE suite and not ECDHE ?

rafaelbn · ‎07-Dec-2020

Hello Jaikumar! Thanks for the reply.

I will investigate it further. But will let you know.

Do you recommend any article/training that explain this? I wish to understand this type of thing better.

Thanks!

jaikumar_f5 · ‎07-Dec-2020

Here mate, hope this helps.

SSL Profiles Part 1: Handshakes

Troubleshooting SSL/TLS handshake failures

Troubleshooting Handshake by Capturing Traffic

Qualsys SSL lab test reports a result of DH 1024 bits WEAK

rafaelbn · ‎09-Dec-2020

Thanks Jaikumar!

DevCentral

Diffie-Hellman "p" length 1024/2048 bits