[openssl-users] Vulnerability >> logjam << downgrades TLS connections to 512 Bit

Jeffrey Walton noloader at gmail.com
Wed May 20 21:29:51 UTC 2015


On Wed, May 20, 2015 at 5:39 AM, Ben Humpert <ben at an3k.de> wrote:
> Technical report: https://weakdh.org/imperfect-forward-secrecy.pdf
>
> Check your browser (currently all are affected) at https://weakdh.org/
>
> Check your Server at https://weakdh.org/sysadmin.html
>
> Deploying Guide: https://weakdh.org/sysadmin.html

Also see "Minimum size of DH",
http://rt.openssl.org/Ticket/Display.html?id=3120&user=guest&pass=guest.
The problem of the small DH group was reported years ago.

I can't help but feel it contributes to this observation from the paper:

    We find that 82% of vulnerable servers use a
    single 512-bit group, allowing us to compromise
    connections to 7% of Alexa Top Million HTTPS sites.

Jeff


More information about the openssl-users mailing list