MODP

MODP refers to a class of predefined Diffie-Hellman groups used for secure key exchange. Each MODP group consists of a large prime modulus p and a generator g. In a typical exchange, party A computes A = g^a mod p and party B computes B = g^b mod p, and both derive the shared secret g^(ab) mod p. The security relies on the difficulty of the discrete logarithm problem in the chosen group, while the predefined nature of the parameters promotes interoperability between implementations without requiring on-the-fly prime generation.

Standard MODP groups are published and maintained to ensure compatibility across protocols. A widely cited set comes from the Internet Engineering Task Force (IETF) in RFC 3526 and related documents. These groups include 1024-bit Group 2, 2048-bit Group 14, 3072-bit Group 15, 4096-bit Group 16, 6144-bit Group 17, and 8192-bit Group 18. Generators commonly used with these moduli are small integers such as 2 or 5. Larger groups provide stronger protection against brute-force attacks but incur higher computational and bandwidth costs.

Usage and security: MODP groups are used to establish ephemeral, forward-secure keys in protocols such as TLS, SSH, and IPsec. To mitigate certain attacks, primes are often chosen as safe primes, and implementations should validate peer public values to ensure they lie within the expected subgroup. Although MODP groups are widely deployed, some security practitioners advocate moving toward elliptic-curve Diffie-Hellman due to better security-per-bit and efficiency at equivalent sizes.
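The peer-value validation described above can be sketched as follows. This is an added example, not code from the original page; it assumes the RFC 3526 Group 14 modulus with generator 2, and the function names (`peer_public_error`, `keypair`, `shared_secret`, `demo`) are hypothetical.

```python
import secrets

# RFC 3526 Group 14: 2048-bit MODP modulus, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
Q = (P - 1) // 2  # P is a safe prime (P = 2Q + 1); G generates the order-Q subgroup


def peer_public_error(y, p=P, q=Q):
    """Return None if y is an acceptable peer public value, else the rejection reason."""
    if not 2 <= y <= p - 2:
        # 0, 1 and p-1 confine the shared secret to {0, 1, p-1}; y >= p is non-canonical.
        return "out of range"
    if pow(y, q, p) != 1:
        # y has order 2q, not q: the result would leak one bit of the private exponent.
        return "outside prime-order subgroup"
    return None


def keypair():
    x = 2 + secrets.randbelow(Q - 2)  # private exponent in [2, Q-1]
    return x, pow(G, x, P)


def shared_secret(own_private, peer_public):
    """Validate the peer's value before it ever touches the private exponent."""
    reason = peer_public_error(peer_public)
    if reason:
        raise ValueError(f"rejecting peer public value: {reason}")
    return pow(peer_public, own_private, P)


def demo():
    """Both sides validate and arrive at the same secret."""
    a, A = keypair()
    b, B = keypair()
    return shared_secret(a, B) == shared_secret(b, A)
```

For this modulus, `P - 2` passes the range check but fails the subgroup check, which is why the range test alone is not sufficient.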