When using ECDH for agreeing on encryption session keys, a base point order and key size of at least 224 bits is used, preferably the NIST P-384 curve.
Topic
Using Elliptic Curve Diffie-Hellman
Applicable to
Official, Protected
History
Priority
must
Mar 2022
When using ECDH for agreeing on encryption session keys, a base point order and key size of at least 224 bits is used, preferably the NIST P-384 curve.
While existing recommendations for the use of ASD-Approved Cryptographic Algorithms to protect OFFICIAL through to PROTECTED data addressed minimum key lengths, they didn’t address recommended key lengths.
Dec 2020
When using ECDH for agreeing on encryption session keys, a base point order and key size of at least 224 bits is used.
Security control 0474 was amended to remove references to a field/key size of 160 bits.
Nov 2020
When using ECDH for agreeing on encryption session keys, a field/key size of at least 160 bits, preferably 256 bits, is used.
2015
Agencies using ECDH for the approved use of agreeing on encryption session keys must use afield/key size of at least 160 bits.
2010
Agencies using ECDH, for the approved use of agreeing on encryption session keys, must use a field/keysize of at least 160 bits.
2008
Agencies using ECDH, for the approved use of agreeing on encryption session keys, must use a field/key size of at least 160 bits.