Diffie-Hellman key exchange modulus size in Messaging Gateway


Article ID: 171901


Updated On:


Messaging Gateway


For some secure TLS communication, the secure exchange of encryption keys occurs using the Diffie-Hellman (DH) key exchange algorithm. This algorithm allows for the exchange of information in such a way that both ends of the communication construct a shared encryption key without passing that key over an insecure channel.

Messaging Gateway (SMG) 10.6.5 and earlier use a 1024-bit DH key exchange modulus, which may show up on some PCI compliance audits as a potential concern.



While a 1024-bit DH key exchange modulus does not represent a significant security issue at this time, the modulus size is being increased in SMG 10.6.6 and later releases to ensure that SMG does not generate alerts on PCI compliance scans.
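
To confirm what modulus size a server presents, the DH parameters can be read from the body of a captured TLS ServerKeyExchange message. The following is an added example, not code from the vendor or the product: it parses the `dh_p`, `dh_g` and `dh_Ys` fields defined in RFC 5246 and reports the modulus size. The 2048-bit threshold, the function names and the sample input are assumptions made for illustration; the article does not state the new modulus size.

```python
import struct

MIN_BITS = 2048  # assumed audit threshold; the article does not state one


def parse_server_dh_params(body: bytes) -> dict:
    """Read dh_p, dh_g, dh_Ys (each a 16-bit length plus big-endian bytes)
    from the start of a DHE ServerKeyExchange body (RFC 5246, 7.4.3)."""
    values, offset = {}, 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        if offset + 2 > len(body):
            raise ValueError(f"truncated before {name} length")
        (length,) = struct.unpack_from("!H", body, offset)
        offset += 2
        if length == 0 or offset + length > len(body):
            raise ValueError(f"invalid length for {name}")
        values[name] = int.from_bytes(body[offset:offset + length], "big")
        offset += length
    values["params_len"] = offset  # the signature, if any, follows
    return values


def audit_modulus(body: bytes, min_bits: int = MIN_BITS) -> dict:
    """Report the modulus size and whether it falls below min_bits."""
    bits = parse_server_dh_params(body)["dh_p"].bit_length()
    return {"modulus_bits": bits, "flagged": bits < min_bits}


def build_sample(bits: int) -> bytes:
    """Constructed test input: p has the requested size but is NOT a
    vetted prime, and the trailing bytes stand in for a signature."""
    p = (1 << (bits - 1)) | 1
    g, ys = 2, p >> 3
    out = b""
    for value in (p, g, ys):
        raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
        out += struct.pack("!H", len(raw)) + raw
    return out + b"\x00" * 4


if __name__ == "__main__":
    for size in (1024, 2048):
        print(size, audit_modulus(build_sample(size)))
```

Because the size is taken from the integer's bit length rather than the field's byte length, a modulus padded with leading zero bytes is still reported at its true size.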