
AES 256 and DH Group 2

Ruterford
Level 1

Hello,

Is anybody using AES 256 and DH group 2 for L2L VPN tunnels?

Wondering if it is a must to use AES 256 with DH Group 5, since Cisco in some examples is even using DH1, which is the default, along with AES 256 enabled.

Thanks.

3 Replies

You are completely free in which algorithms you choose. Don't look too much at the examples on CCO. Very often they are not best practices.

You could choose your settings on the recommendations of http://www.keylength.com.

I would avoid DES, 3DES, DH1, DH2 and MD5. My typical choice is AES128, DH5, SHA-1 (for IKEv1 VPNs).

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Thanks for your answer, although it does not answer my question completely re: AES 256 with DH Group 2.

The calculation on the web site provided says that it is safe to use even aes-128 until the year 2015, but there is nothing about DH group.

Is it unsafe to use AES 256 with DH Group2?

> although it does not answer my question completely re: AES 256 with DH Group 2.

Well, you are completely free in what you choose. You can choose AES256 with DH-2. And yes, I have that running with some external partners.

> but there is nothing about DH group.

DH is asymmetric cryptography. You can compare it with the values for other asymmetric algorithms like RSA.

> Is it unsafe to use AES 256 with DH Group2?

A bit length of 1024 for asymmetric algorithms is not considered safe enough any more. DH-5 is the minimum, DH-14 is the better choice if available.

And there are cryptographers saying AES128 is probably more secure than AES256:

http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
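
The comparison discussed in this thread, as an added example that is not part of any post here and is not Cisco's code: it reads IOS-style `crypto isakmp policy` blocks and shows whether the cipher or the DH group limits each policy. Assumptions: the sample configuration is constructed, omitted lines default to DES and group 1, and DH strength is a rough number-field-sieve estimate rather than a figure from a standard or from keylength.com.

```python
import math
import re
# MODP prime sizes in bits for IKE DH groups (RFC 2409, RFC 3526).
DH_GROUP_BITS = {1: 768, 2: 1024, 5: 1536, 14: 2048, 15: 3072, 16: 4096}
# Effective strength in bits for the IOS "encr" keywords handled here.
CIPHER_BITS = {"des": 56, "3des": 112, "aes": 128, "aes 192": 192, "aes 256": 256}

def dh_strength_bits(modulus_bits):
    """Rough log2 cost of the number field sieve (o(1) term dropped): an estimate."""
    ln_n = modulus_bits * math.log(2)
    cost = (64 / 9) ** (1 / 3) * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return cost / math.log(2)

def parse_policies(config):
    """Return {priority: {"encr", "group"}}; omitted lines default to DES, group 1."""
    policies, current = {}, None
    for raw in config.splitlines():
        if m := re.fullmatch(r"crypto isakmp policy (\d+)\s*", raw):
            current = policies.setdefault(int(m.group(1)), {"encr": "des", "group": 1})
        elif current is None or not raw.startswith(" "):
            current = None  # outside a policy block
        elif m := re.fullmatch(r"\s+encr(?:yption)? (.+?)\s*", raw):
            current["encr"] = m.group(1)
        elif m := re.fullmatch(r"\s+group (\d+)\s*", raw):
            current["group"] = int(m.group(1))
    return policies

def audit(config):
    """Per policy: cipher bits, estimated DH bits, and which one limits the tunnel."""
    report = {}
    for prio, pol in parse_policies(config).items():
        sym = CIPHER_BITS[pol["encr"]]
        dh = round(dh_strength_bits(DH_GROUP_BITS[pol["group"]]), 1)
        report[prio] = {"cipher_bits": sym, "dh_bits": dh,
                        "effective_bits": min(sym, dh), "dh_is_weak_link": dh < sym,
                        "below_group_5": DH_GROUP_BITS[pol["group"]] < DH_GROUP_BITS[5]}
    return report

# Constructed sample configuration; policy 30 relies on the default group.
SAMPLE_CONFIG = """\
crypto isakmp policy 10
 encr aes 256
 group 2
crypto isakmp policy 20
 encr aes
 group 14
crypto isakmp policy 30
 encr aes 256
"""
```

Calling `audit(SAMPLE_CONFIG)` returns one row per policy; a row with `dh_is_weak_link` set means a larger AES key adds nothing until the DH group is raised.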
