datatracker.ietf.org
Sign in
Version 5.3.0, 2014-04-12
Report a bug

Additional Diffie-Hellman Groups for Use with IETF Standards
RFC 5114

Document type: RFC - Informational (January 2008)
Was draft-lepinski-dh-groups (individual in sec area)
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 5114 (Informational)
Responsible AD: Tim Polk
Send notices to: kent@bbn.com, mlepinsk@bbn.com

Network Working Group                                        M. Lepinski
Request for Comments: 5114                                       S. Kent
Category: Informational                                 BBN Technologies
                                                            January 2008

     Additional Diffie-Hellman Groups for Use with IETF Standards

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Abstract

   This document describes eight Diffie-Hellman groups that can be used
   in conjunction with IETF protocols to provide security for Internet
   communications.  The groups allow implementers to use the same groups
   with a variety of security protocols, e.g., SMIME, Secure SHell
   (SSH), Transport Layer Security (TLS), and Internet Key Exchange
   (IKE).

   All of these groups comply in form and structure with relevant
   standards from ISO, ANSI, NIST, and the IEEE.  These groups are
   compatible with all IETF standards that make use of Diffie-Hellman or
   Elliptic Curve Diffie-Hellman cryptography.

   These groups and the associated test data are defined by NIST on
   their web site [EX80056A], but have not yet (as of this writing) been
   published in a formal NIST document.  Publication of these groups and
   associated test data, as well as describing how to use Diffie-Hellman
   and Elliptic Curve Diffie-Hellman for key agreement in all of the
   protocols cited below, in one RFC, will facilitate development of
   interoperable implementations and support the Federal Information
   Processing Standard (FIPS) validation of implementations that make
   use of these groups.

Lepinski & Kent              Informational                      [Page 1]
RFC 5114            Additional Diffie-Hellman Groups        January 2008

Table of Contents

   1. Introduction ....................................................2
   2. Additional Diffie-Hellman Groups ................................4
      2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup ......4
      2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup ......4
      2.3. 2048-bit MODP Group with 256-bit Prime Order Subgroup ......5
      2.4. 192-bit Random ECP Group ...................................6
      2.5. 224-bit Random ECP Group ...................................7
      2.6. 256-bit Random ECP Group ...................................7
      2.7. 384-bit Random ECP Group ...................................8
      2.8. 521-bit Random ECP Group ...................................9
   3. Using These Groups with IETF Standards ..........................9
      3.1. X.509 Certificates .........................................9
      3.2. IKE .......................................................10
      3.3. TLS .......................................................10
      3.4. SSH .......................................................11
      3.5. SMIME .....................................................11
   4. Security Considerations ........................................12
   5. IANA Considerations ............................................13
   6. Acknowledgments ................................................13
   Appendix A: Test Data .............................................14
      A.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup......15
      A.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup......15
      A.3. 2048-bit MODP Group with 256-bit Prime Order Subgroup......16
      A.4. 192-bit Random ECP Group ..................................17
      A.5. 224-bit Random ECP Group ..................................18
      A.6. 256-bit Random ECP Group ..................................18
      A.7. 384-bit Random ECP Group ..................................19
      A.8. 521-bit Random ECP Group ..................................19
   Normative References ..............................................20
   Informative References ............................................20

1.  Introduction

   This document provides parameters and test data for several
   Diffie-Hellman (D-H) groups that can be used with IETF protocols that
   employ D-H keys, (e.g., IKE, TLS, SSH, and SMIME) and with IETF
   standards, such as Public Key Infrastructure for X.509 Certificates
   (PKIX) (for certificates that carry D-H keys).  These groups
   complement others already documented for the IETF, including the
   "Oakley" groups defined in RFC 2409 [RFC2409] for use with IKEv1, and
   several additional D-H groups defined later, e.g., [RFC3526] and
   [RFC4492].

Lepinski & Kent              Informational                      [Page 2]
RFC 5114            Additional Diffie-Hellman Groups        January 2008

[include full document text]