ISM-0472

When using DH for agreeing on encryption session keys, a modulus of at least 2048 bits is used, preferably 3072 bits.

Topic
Using Diffie-Hellman
Applicable to
Official, Protected

History

Priority
must
Mar 2022
When using DH for agreeing on encryption session keys, a modulus of at least 2048 bits is used, preferably 3072 bits.
While existing recommendations for the use of ASD-Approved Cryptographic Algorithms to protect OFFICIAL through to PROTECTED data addressed minimum key lengths, they didn’t address recommended key lengths.
Dec 2020
When using DH for agreeing on encryption session keys, a modulus of at least 2048 bits is used.
Security control 0472 was amended to remove references to a modulus of 1024 bits.
Nov 2020
When using DH for agreeing on encryption session keys, a modulus of at least 1024 bits, preferably 2048 bits, is used.
2015
Agencies using DH for the approved use of agreeing on encryption session keys must use a modulus of at least 1024 bits.
2010
Agencies using DH, for the approved use of agreeing on encryption session keys, must use a modulus of at least 1024 bits.
2008
Agencies using DH, for the approved use of agreeing on encryption session keys, must use a modulus of at least 1024 bits.