Logjam - new TLS vulnerability
A new vulnerability called Logjam has been found in various implementations of the TLS protocol. The vulnerability is similar to another called FREAK, which was written earlier . Logjam also belongs to the “downgrade” type and allows the client to lower encryption strength to 512 DH bits, provided the server supports the DHE_EXPORT cipher, which is specified in the “handshake” process between the client and the server. T. o. it is much easier for an attacker to organize a Man-in-the-Middle (MitM) attack. The vulnerability affects both server software using OpenSSL ( Logjam, FREAK and Upcoming Changes in OpenSSL ) , and web browsers.
Web browsers Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari are vulnerable. Currently, the vulnerability has been fixed only in IE, for which the MS15-055 update has been released. In turn, other browsers are awaiting updates, as is the free software package OpenSSL. Vulnerability is also relevant for OS X, iOS, Android.
Fig. Statistics of vulnerable systems.
')
The appearance of the vulnerability was made possible for the same reason as FREAK, due to a special US law that imposes restrictions on the export of strong ciphers ( export restrictions mandated by the US government during the Clinton administration ). That is, when using TLS outside the United States, its durability can be specifically reduced.
When establishing a connection between the client and the server, attackers can interfere with this process and quietly switch sides on using a weak cipher with 512-bit keys, and then try to decrypt the traffic.
The user can control the interplay.
Actions and corrections required by system administrators can be found at this link weakdh.org/sysadmin.html .
Add. links to research.
The logjam attack
weakdh.org
Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice [PDF]
weakdh.org/imperfect-forward-secrecy.pdf
Logjam: the latest TLS vulnerability explained
blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained
Security protocols
www.symantec.com/connect/blogs/logjam-latest-security-flaw-affect-secure-communication-protocols
HTTPS-crippling attack threatened thousands of web and mail servers
arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers
Web browsers Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari are vulnerable. Currently, the vulnerability has been fixed only in IE, for which the MS15-055 update has been released. In turn, other browsers are awaiting updates, as is the free software package OpenSSL. Vulnerability is also relevant for OS X, iOS, Android.
Fig. Statistics of vulnerable systems.
')
The appearance of the vulnerability was made possible for the same reason as FREAK, due to a special US law that imposes restrictions on the export of strong ciphers ( export restrictions mandated by the US government during the Clinton administration ). That is, when using TLS outside the United States, its durability can be specifically reduced.
When establishing a connection between the client and the server, attackers can interfere with this process and quietly switch sides on using a weak cipher with 512-bit keys, and then try to decrypt the traffic.
The user can control the interplay.
Actions and corrections required by system administrators can be found at this link weakdh.org/sysadmin.html .
Add. links to research.
The logjam attack
weakdh.org
Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice [PDF]
weakdh.org/imperfect-forward-secrecy.pdf
Logjam: the latest TLS vulnerability explained
blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained
Security protocols
www.symantec.com/connect/blogs/logjam-latest-security-flaw-affect-secure-communication-protocols
HTTPS-crippling attack threatened thousands of web and mail servers
arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers
Source: https://habr.com/ru/post/258461/
All Articles