What is the minimum DH modulus size recommended by Cisco to provide acceptable security when DH must be used instead of an NGE algorithm? (Select the best answer.)
- 768 bits
- 1,024 bits
- 2,048 bits
- 3,072 bits
The minimum Diffie-Hellman (DH) modulus size recommended by Cisco to provide acceptable security when DH must be used instead of a Next Generation Encryption (NGE) algorithm is 2,048 bits. NGE algorithms are a collection of cryptographic technologies that are efficient, scalable, and expected to provide reliable security for at least the next decade. Because of recent advances in computing power, many cryptographic algorithms no longer provide adequate security. DH algorithms with a smaller modulus size do not provide a level of security that is likely to meet the confidentiality requirements of the enterprise over the next decade.
Increasing the modulus size used by an algorithm can provide a higher level of security; however, if the algorithm is inherently inefficient, the increased modulus size can adversely affect the performance of the device using the algorithm. For maximum security without using an NGE algorithm, Cisco recommends using DH with a 3,072-bit modulus (DH-3072); however, because DH is not particularly efficient when configured with a large modulus, Cisco considers a 2,048-bit modulus an acceptable compromise between security and efficiency. Any modulus size smaller than 2,048 bits, such as 1,024 bits or 768 bits, is not considered to provide an acceptable level of security.
Ideally, standard DH should be replaced with an NGE algorithm such as Elliptic Curve DH with a 384-bit modulus (ECDH-384) for improved security without a negative impact on performance or a loss of scalability. Other examples of NGE algorithms are Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) and Secure Hash Algorithm 2 (SHA-2), which includes SHA with a 256-bit digest (SHA-256) and SHA with a 512-bit digest (SHA-512).