Logjam attack, similar to the FREAK vulnerability, breaks TLS security

8512510_sNot so long ago, a massive vulnerability in SSL security forced browsers to use weak encryption under certain circumstances, which would allow hackers to spy on sensitive and otherwise secure data. This vulnerability was dubbed FREAK as it involved RSA export keys. Now, a similar issue has emerged concerning Diffie-Hellman keys and TSL security. All servers supporting export-grade 512-bit Diffie-Hellman cryptography are affected.

Use of weak encryption leads to man in the middle scenario

At the heart of the problem is a ’90s US government policy that restricted export of strong encryption keys.

The Logjam attack technique involves downgrading a vulnerable server to weak 512 bit encryption. Then, the attacker must break the weaker encryption key using computing resources. Once the encryption is broken, the attacker can view or modify any of the information passing through the affected connection. Thus, sensitive data passing between the server and client computers is leaked. Since the procedure requires cracking an encryption key, this type of attack is mostly going to be carried out by hackers with significant resources and computing power. This makes state-level organizations and intelligence agencies perfect candidates. In fact, the researchers behind the discovery also say that NSA documents leaked by Edward Snowden suggest that the agency may have been able to break the prime numbers used in the Diffie-Hellman key exchange.

Logjam was discovered through a joint study conducted by CNRS, Inria Nancy-Grand Est, Inria Paris-Rocquencourt, Microsoft Research, Johns Hopkins University, University of Michigan, and the University of Pennsylvania. Their findings are detailed in this post.

According to the post, all TLS-dependent services that support DHE_EXPORT ciphers are at risk:

  • HTTPS (Top 1 million domains) – 8.4% vulnerable
  • HTTPS (Browser Trusted Sites) – 3.4% vulnerable
  • SMTP+StartTLS (IPv4 Address Space) -14.8% vulnerable
  • POP3S (IPv4 Address Space) – 8.9% vulnerable
  • IMAPS (IPv4 Address Space) – 8.4% vulnerable

The researchers also stated:

“Millions of HTTPS, SSH, and VPN servers all use the same prime numbers for Diffie-Hellman key exchange. Practitioners believed this was safe as long as new key exchange messages were generated for every connection. However, the first step in the number field sieve—the most efficient algorithm for breaking a Diffie-Hellman connection—is dependent only on this prime. After this first step, an attacker can quickly break individual connections”

Server administrators are recommended to disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. Internet Explorer has already been updated to eliminate the vulnerability and patches for other browsers are a work in progress. Almost ever transaction relies massively on maintaining secure client-server communication which is why any encryption breaking vulnerability a major concern.

Have a nice (secure) day!