Diffie-Hellman. The Diffie-Hellman key-exchange algorithm is a secure algorithm that offers high performance, allowing two computers to publicly exchange a shared value without using data encryption. The exchanged keying material that is shared by the two computers can be based on 768, 1024, or 2048 bits of keying material, known as Diffie-Hellman groups 1, 2, and 2048, respectively.

OpenSSH 6.2 offers the following key exchange algorithms by default. ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group1-sha1 The group size of the first three is obvious. The same holds for the last two. From the openssl wiki page for the Diffie Hellman Key Exchange: If Alice and Bob wish to communicate with each other, they first agree between them a large prime number p, and a generator (or base) g (where 0 < g < p). Alice chooses a secret integer a (her private key) and then calculates g^a mod p (which is her public key). The real issue is that most of the Cisco IOS versions use 1024-bit key size for Diffie-Hellman used for key exchange, by default. Though, there are old Cisco IOS versions that use 768-bit DH key size, by default. Prior the year of 2016, 1024-bit key size is adequate. However, NIST’s recommendation is to use 2048-bit key size or higher. crypto key generate rsa general-keys modulus 2048. But I'm still seeing a 1024 key, anyone know why this is? SSH Enabled - version 2.0 Authentication timeout: 120 secs; Authentication retries: 3. Minimum expected Diffie Hellman key size : 1024 bits. IOS Keys in SECSH format(ssh-rsa, base64 encoded): EDIT: Figured out my problem, needed this no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 . I've searched and found similar issues here and elsewhere which were solved by increasing the size of the diffie-hellman key used to something like 2048 or 4096 with the cli command `ip ssh dh min size 2048`. Diffie-Hellman key exchange (D–H) is a method that allows two parties to jointly agree on a shared secret using an insecure channel. Exchange Algorithm ¶ For most applications the shared_key should be passed to a key derivation function.

## The SSL/TLS service uses Diffie-Hellman groups with insufficient strength (key size 2048). Vulnerability Insight: The Diffie-Hellman group are some big numbers that are used as base for the DH computations. They can be, and often are, fixed. The security of the final secret depends on the size of these parameters.

However the "ip ssh dh min size 2048" should prevent the use of diffie-hellman-group-exchange-sha1. If you can verify this then you have complied, just the scan is giving a false positive. If you can verify this then you have complied, just the scan is giving a false positive. The Diffie-Hellman algorithm depends for its effectiveness on the difficulty of computing discrete logarithms. True A key exchange protocol is vulnerable to a man-in-the-middle attack if it does not authenticate the participants. Key size (Default/Min/Max) CYLINK Message Encryption Algorithm: Encryption: Block: 40/40/40: Data Encryption Standard (DES) Encryption: Block: 56/56/56: Diffie-Hellman Key Exchange Algorithm: Key exchange: Diffie-Hellman: 512/512/1024: Diffie-Hellman Ephemeral Algorithm: Key exchange: Diffie-Hellman: 512/512/1024: Digital Signature Algorithm

### Diffie–Hellman key exchange (DHE) and Elliptic curve Diffie–Hellman key exchange (ECDHE) are in 2013 the only schemes known to have that property. In 2013, only 30% of Firefox, Opera, and Chromium Browser sessions used it, and nearly 0% of Apple's Safari and Microsoft Internet Explorer sessions. [23]

Diffie-Hellman and secret key size. Diffie-Hellman article on Wikipedia does not mention any thing about the use of HKDF. The only near feasible thing is the PK