What is the minimum DH modulus size recommended by Cisco to provide acceptable security when DH must
be used instead of an NGE algorithm? (Select the best answer.)
The minimum Diffie-Hellman (DH) modulus size recommended by Cisco to provide acceptable security when
DH must be used instead of a Next Generation Encryption (NGE) algorithm is 2,048 bits. NGE algorithms are a
collection of cryptographic technologies that are efficient, scalable, and expected to provide reliable security for
at least the next decade. Because of recent advances in computing power, many cryptographic algorithms no
longer provide adequate security. DH algorithms with a smaller modulus size do not provide a level of security that is likely to meet the confidentiality requirements of the enterprise over the next decade.
Increasing the modulus size used by an algorithm can provide a higher level of security; however, if the
algorithm is inherently inefficient, the increased modulus size can adversely affect the performance of the
device using the algorithm. For maximum security without using an NGE, Cisco recommends using DH with a
3,072-bit modulus (DH 3072); however, because DH is not particularly efficient when configured with a large
modulus, Cisco considers a 2,048-bit modulus an acceptable compromise between security and efficiency.
Any modulus size less than 2,048 bits, such as 1,024 bits or 758 bits, is not considered to provide an
acceptable level of security.
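As an added example (not from Cisco or the quiz source), the following Python reads the modulus size out of an OpenSSL-style PEM "DH PARAMETERS" block (the PKCS#3 DHParameter SEQUENCE of prime and generator) and grades it against the 2,048-bit and 3,072-bit tiers described above; the `make_dh_pem` fixture builder is a constructed helper that encodes a placeholder non-prime of a chosen length purely to exercise the parser offline.

```python
import base64
import re

# Thresholds from the Cisco guidance above (modulus size in bits)
DH_MIN_ACCEPTABLE = 2048   # acceptable compromise between security and efficiency
DH_MAX_SECURITY = 3072     # maximum security when an NGE algorithm cannot be used

def _read_tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits = number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def dh_modulus_bits(pem):
    """Bit length of the prime p in a PEM 'DH PARAMETERS' block (PKCS#3 DHParameter)."""
    body = re.sub(r"-----(BEGIN|END) DH PARAMETERS-----|\s", "", pem)
    tag, seq, _ = _read_tlv(base64.b64decode(body), 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, prime, _ = _read_tlv(seq, 0)      # first SEQUENCE element is the prime p
    if tag != 0x02:
        raise ValueError("expected INTEGER")
    return int.from_bytes(prime, "big").bit_length()

def classify(bits):
    """Map a modulus size to the three tiers described in the text."""
    if bits >= DH_MAX_SECURITY:
        return "maximum security (DH 3072 or larger)"
    if bits >= DH_MIN_ACCEPTABLE:
        return "acceptable (2,048-bit compromise)"
    return "not acceptable (below 2,048 bits)"

def _der_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def _der_int(n):
    raw = n.to_bytes((n.bit_length() + 8) // 8, "big")  # +8 adds the 0x00 pad DER needs when the top bit is set
    return b"\x02" + _der_len(len(raw)) + raw

def make_dh_pem(bits, generator=2):
    """CONSTRUCTED fixture: p is a placeholder of the requested size, NOT a prime; it only exercises the parser."""
    der = _der_int((1 << (bits - 1)) | 1) + _der_int(generator)
    b64 = base64.b64encode(b"\x30" + _der_len(len(der)) + der).decode()
    lines = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN DH PARAMETERS-----\n{lines}\n-----END DH PARAMETERS-----\n"
```

Pointed at a real file produced by `openssl dhparam`, `classify(dh_modulus_bits(open(path).read()))` reports which tier a device's configured group falls into.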
Ideally, standard DH should be replaced with an NGE such as Elliptic Curve DH with a 384-bit modulus
(ECDH-384) for improved security without a negative impact on performance or a loss of scalability. Other
examples of NGE algorithms are Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) and
Secure Hash Algorithm 2 (SHA-2), which includes SHA with a 256-bit digest (SHA-256) and SHA with a 512-bit
Cisco: Next Generation Encryption: Recommendations for Cryptographic Algorithms