Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8308676

Release Note: The Default TLS Diffie-Hellman Group Size Has Been Increased from 1024-bit to 2048-bit

XMLWordPrintable

    • Icon: Backport Backport
    • Resolution: Delivered
    • Icon: P3 P3
    • 7u401
    • 7u401, 8u391, 11.0.21-oracle, 17.0.9-oracle, 21
    • security-libs

      The JDK implementation of TLS 1.2 now uses a default Diffie Hellman keysize of 2048 bits when a TLS_DHE cipher suite is negotiated.

      As a workaround, users can revert to the previous size by setting the `jdk.tls.ephemeralDHKeySize` system property to 1024 (at their own risk).

            mpalmerj Marc Palmerjohnson
            mullan Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: