Called the Logjam attack, this new potential vulnerability allows an attacker to intercept HTTPS connections between vulnerable clients (browsers) and servers and force them to downgrade the connection to 512-bit export-grade cryptography. The attacker can then read and change any data passed through this connection. The attack is similar to the FREAK attack because it relies on a flaw in the TLS protocol but differs because it attacks the Diffie-Hellman key exchange instead of the RSA key exchange.
The vulnerability does not affect SSL Certificates and does not require any action related to certificate management.
What Is the Logjam Attack? More Importantly, What Does It Do?
During the ’90s, the US government restricted the export of encryption systems. Under these rules, SSL 3.0 and TLS 1.0 had to support weaker DHE_EXPORT cipher suites. The rules were eventually changed and the export restrictions removed. Unfortunately, some TLS servers still use a two-group configuration, 1024-bit for standard DHE key exchanges and 512-bit for legacy DHE_EXPORT, while all browsers still support the weak DHE_EXPORT ciphers.
This month, a team of researchers revealed that the old DHE export-grade cipher suites are still in use. They also found that servers with DHE_EXPORT cipher suites enabled could allow a man-in-the-middle (MITM) to trick clients that support those suites into downgrading their connection to a 512-bit key exchange. The MITM could then use precomputed data together with today’s computing power to crack the keys. Once the session encryption is cracked, the MITM can steal any ‘secured’ personal information from the session.
To be vulnerable, both of the following criteria must be met:
- The server supports DHE_EXPORT cipher suites, AND
- The client offers a DHE_EXPORT suite.
Vulnerable clients include unpatched versions of the following browsers:
- Internet Explorer
What Should I Do?
Administrators should:
- Use DigiCert Certificate Inspector to scan for vulnerable servers and to see a list of enabled ciphers.
- Disable support for all DHE_EXPORT cipher suites on your servers.
Administrators should also make sure to use at least 2048-bit private keys for any SSL Certificate. In the future, administrators should plan on enabling elliptic curve Diffie-Hellman (ECDHE) key exchange on their servers.
End users should:
- Update their browsers to the most recent version (post 05/20/2015).
- Watch for updates to other client-side software to address security concerns.
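The following is an added example, not code from the DigiCert post or from Certificate Inspector. It is a deliberately simplified model of the DHE negotiation described above: a server that still enables DHE_EXPORT suites can be talked down to a 512-bit group, while either of the two fixes recommended in the list (disabling export suites and moving to 2048-bit groups or ECDHE on the server, and updating clients so they refuse small groups) blocks the downgrade. It also includes an audit check of the kind a cipher scan applies to a server's enabled-suite list. The DH primes are constructed placeholders of the right bit length, not real safe primes; the `negotiate`, `audit_server`, `ServerConfig` and `ClientPolicy` names are this example's own, and the MITM is modelled only as stripping non-export suites from the client's offer.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed stand-ins for Diffie-Hellman primes. Only the bit length matters
# for this model; these are NOT real safe primes and must not be used for DH.
DH_512_EXPORT = (1 << 511) | 1     # size of a legacy DHE_EXPORT group
DH_1024_LEGACY = (1 << 1023) | 1   # "standard" group in the old two-group setup
DH_2048 = (1 << 2047) | 1          # the minimum size recommended today

# IANA cipher suite names
EXPORT_SUITE = "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
DHE_SUITE = "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
ECDHE_SUITE = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"


@dataclass
class ServerConfig:
    suites: list           # enabled suites in the server's preference order
    dh_groups: dict        # DHE suite -> DH prime the server uses for it


@dataclass
class ClientPolicy:
    offered: list          # suites the client lists in its ClientHello
    min_dh_bits: int       # smallest DH prime the client will accept


@dataclass
class Result:
    ok: bool
    suite: Optional[str] = None
    dh_bits: Optional[int] = None
    reason: str = ""


def negotiate(server: ServerConfig, client: ClientPolicy, mitm: bool = False) -> Result:
    """Play both ends of a heavily simplified handshake (a model, not TLS).

    With mitm=True the attacker in the middle is modelled as stripping every
    non-export suite from the ClientHello, so the server only sees the
    DHE_EXPORT offer and answers with its 512-bit group.
    """
    offered = [s for s in client.offered if "EXPORT" in s] if mitm else client.offered
    for suite in server.suites:
        if suite not in offered:
            continue
        prime = server.dh_groups.get(suite)           # None for ECDHE suites
        bits = prime.bit_length() if prime else None
        # Updated clients check the group size in ServerKeyExchange before continuing.
        if bits is not None and bits < client.min_dh_bits:
            return Result(False, suite, bits, f"client rejects {bits}-bit DH group")
        return Result(True, suite, bits)
    return Result(False, reason="no common cipher suite")


def audit_server(server: ServerConfig) -> list:
    """Findings a cipher scan should raise for a server's DHE configuration."""
    findings = []
    for suite in server.suites:
        if "EXPORT" in suite:
            findings.append(f"export suite enabled: {suite}")
    for suite, prime in server.dh_groups.items():
        if prime.bit_length() < 2048:
            findings.append(f"{prime.bit_length()}-bit DH group for {suite}")
    if not any("ECDHE" in s for s in server.suites):
        findings.append("no ECDHE suites enabled")
    return findings


def legacy_server() -> ServerConfig:
    # The two-group configuration described in the post
    return ServerConfig(
        suites=[DHE_SUITE, EXPORT_SUITE],
        dh_groups={DHE_SUITE: DH_1024_LEGACY, EXPORT_SUITE: DH_512_EXPORT},
    )


def hardened_server() -> ServerConfig:
    # Export suites removed, 2048-bit DH group, ECDHE preferred
    return ServerConfig(
        suites=[ECDHE_SUITE, DHE_SUITE],
        dh_groups={DHE_SUITE: DH_2048},
    )


# Client that still offers DHE_EXPORT and accepts any group size (pre-patch)
UNPATCHED_CLIENT = ClientPolicy([DHE_SUITE, EXPORT_SUITE], min_dh_bits=0)
# Client updated to refuse DH groups under 1024 bits; it still lists the export
# suite here so that the size check, not suite removal, is what gets exercised
PATCHED_CLIENT = ClientPolicy([ECDHE_SUITE, DHE_SUITE, EXPORT_SUITE], min_dh_bits=1024)

if __name__ == "__main__":
    print(negotiate(legacy_server(), UNPATCHED_CLIENT))               # ok, 1024-bit DHE
    print(negotiate(legacy_server(), UNPATCHED_CLIENT, mitm=True))    # ok, 512-bit: downgraded
    print(negotiate(legacy_server(), PATCHED_CLIENT, mitm=True))      # refused by client
    print(negotiate(hardened_server(), UNPATCHED_CLIENT, mitm=True))  # no common cipher suite
    print(audit_server(legacy_server()))                              # four findings
```

The legacy server yields a 512-bit exchange as soon as the offer is reduced to the export suite, which is the whole of the downgrade; the hardened server has nothing in common with an export-only offer, and a client that enforces a 1024-bit minimum refuses the small group even when the server still advertises it. The audit flags exactly the items in the list above: export suites enabled, DH groups below 2048 bits, and no ECDHE.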
Administrators following current best practices, including ending support for all weak cipher suites, should already be up-to-date. The Logjam report reinforces the critical need to know how SSL/TLS is deployed across your enterprise and the need for constant, real-time analysis of server security and vulnerability assessment.
The DigiCert Certificate Inspector tool simplifies SSL vulnerability checking by analyzing internal and external SSL deployments and providing key details about any vulnerable server configuration. To quickly review the current state of SSL across your enterprise, use Certificate Inspector.