FFDHE groups
E191792
FFDHE groups are standardized finite-field Diffie-Hellman parameter sets designed to provide interoperable, secure key exchange in modern cryptographic protocols.
All labels observed (2)
| Label | Occurrences |
|---|---|
| FFDHE for TLS | 1 |
| FFDHE groups canonical | 1 |
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
cryptographic parameter set family
ⓘ
finite-field Diffie-Hellman group ⓘ |
| applicability |
environments without elliptic-curve support
ⓘ
systems requiring only finite-field cryptography ⓘ |
| benefit |
interoperable security levels across implementations
ⓘ
reduced risk of maliciously generated DH parameters ⓘ simplified configuration for implementers ⓘ |
| bitLengthRange | 2048 to 8192 bits ⓘ |
| comparedTo | ECDHE groups ⓘ |
| cryptographicPrimitive | finite-field Diffie-Hellman ⓘ |
| definedInRFC | RFC 7919 ⓘ |
| designProperty |
avoidance of custom, ad-hoc DH parameters
ⓘ
interoperability across implementations ⓘ large prime order subgroup ⓘ public, standardized parameters ⓘ safe prime modulus ⓘ |
| groupStructure | multiplicative group modulo a prime ⓘ |
| includesGroup |
ffdhe2048
ⓘ
ffdhe3072 ⓘ ffdhe4096 ⓘ ffdhe6144 ⓘ ffdhe8192 ⓘ |
| largerSizesProvide | higher security margin ⓘ |
| parameterOrigin | generated and vetted by the IETF process ⓘ |
| parameterType |
generator
ⓘ
prime modulus ⓘ subgroup order ⓘ |
| recommendedMinimumSize | 2048 bits ⓘ |
| relatedTo | elliptic-curve Diffie-Hellman groups ⓘ |
| replaces | non-standard finite-field DH parameter sets ⓘ |
| securityAssumption |
hardness of the Diffie-Hellman problem
ⓘ
hardness of the discrete logarithm problem ⓘ |
| securityGoal |
confidentiality
ⓘ
forward secrecy ⓘ resistance to passive eavesdropping ⓘ |
| standardizedBy | Internet Engineering Task Force ⓘ |
| statusInTLS13 |
less preferred than ECDHE in most deployments
ⓘ
optional key exchange mechanism ⓘ |
| threatModel | discrete logarithm problem in finite fields ⓘ |
| usedFor |
ephemeral Diffie-Hellman key exchange
ⓘ
key exchange ⓘ |
| usedInProtocol |
IKEv2
ⓘ
IKEv1 ⓘ
surface form:
Internet Key Exchange
TLS 1.2 ⓘ RFC 8446 ⓘ
surface form:
TLS 1.3
TLS ⓘ
surface form:
Transport Layer Security
|
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
Instruction
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Input
Subject: FFDHE groups Description of subject: FFDHE groups are standardized finite-field Diffie-Hellman parameter sets designed to provide interoperable, secure key exchange in modern cryptographic protocols.
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.