Logjam attack

May 20, 2015

Today a new kind of downgrade attack against TLS was published: Logjam. The attack relies on the fact that a Diffie-Hellman key exchange needs a prime. Many applications use a pre-generated prime to speed up the Diffie-Hellman process. Using a pre-generated prime is not a security issue by itself, but it becomes one when coupled with a server that accepts very short Diffie-Hellman keys, such as 512-bit ones (the maximum allowed for DHE_EXPORT).
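A defender-side check for the weakness described above, added here as an example and not part of the original post: it parses the ServerDHParams part of a TLS 1.2 ServerKeyExchange message (RFC 5246, section 7.4.3) and flags a Diffie-Hellman prime shorter than a 2048-bit threshold, which is an assumed policy value. The sample messages are constructed, not captured from a real server.

```python
import struct

# Assumption: policy threshold chosen for this example; 512-bit export groups fall far below it.
MIN_DH_BITS = 2048

def parse_server_dh_params(body: bytes) -> dict:
    """Split a DHE ServerKeyExchange body into dh_p, dh_g, dh_Ys (RFC 5246, 7.4.3).
    Each field is a 2-byte big-endian length followed by that many bytes; the
    remainder (the server's signature) is returned unparsed."""
    fields, offset = {}, 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        if offset + 2 > len(body):
            raise ValueError(f"truncated before length of {name}")
        (length,) = struct.unpack_from("!H", body, offset)
        offset += 2
        if offset + length > len(body):
            raise ValueError(f"truncated inside {name}")
        fields[name] = body[offset:offset + length]
        offset += length
    fields["signature"] = body[offset:]
    return fields

def classify_dh_group(body: bytes) -> tuple:
    """Return (prime bit length, acceptable) for a ServerKeyExchange body.
    Leading zero bytes in dh_p are ignored: the integer's bit length is what
    determines the group's strength, not the encoded length."""
    p = int.from_bytes(parse_server_dh_params(body)["dh_p"], "big")
    bits = p.bit_length()
    return bits, bits >= MIN_DH_BITS

def encode_server_dh_params(p: int, g: int, ys: int) -> bytes:
    """Build a ServerDHParams body; used here only to construct the samples."""
    out = b""
    for value in (p, g, ys):
        raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
        out += struct.pack("!H", len(raw)) + raw
    return out

# Constructed samples (not real groups): a 512-bit odd number standing in for
# an export-grade prime, and a 2048-bit one for a properly configured server.
EXPORT_GRADE = encode_server_dh_params((1 << 511) | 0x1F, 2, 12345)
MODERN = encode_server_dh_params((1 << 2047) | 0x1F, 2, 12345)

if __name__ == "__main__":
    for label, msg in (("export-grade", EXPORT_GRADE), ("modern", MODERN)):
        bits, ok = classify_dh_group(msg)
        print(f"{label}: {bits}-bit prime -> {'accept' if ok else 'reject'}")
```

The same parser can be pointed at a captured ServerKeyExchange body from a packet trace to audit which of your servers still offer short groups.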

These downgrade attacks are easily avoided by actively disabling all insecure configurations on the server or the client. Very often, people configure, or leave configured, a lot of not-very-secure options so that even very old clients can still access their servers. I think this way of thinking makes no sense: to allow a few old clients to access your system, you endanger all your clients.