
SoylentNews is people

posted by CoolHand on Thursday May 21 2015, @06:20AM
from the vulnerability-of-the-week dept.

A new TLS vulnerability, named "Logjam", has been found. It exploits a protocol downgrade that was left in place because of earlier U.S. government export restrictions: it affects servers supporting the Diffie-Hellman key exchange that still enable the export-grade (DHE_EXPORT) cipher suites mandated by the U.S. government during the Clinton administration. "Attackers with the ability to monitor the connection between an end user and a Diffie-Hellman-enabled server that supports the export cipher can inject a special payload into the traffic that downgrades encrypted connections to use extremely weak 512-bit key material. Using precomputed data prepared ahead of time, the attackers can then deduce the encryption key negotiated between the two parties."

Internet Explorer is the only browser yet updated to block such an attack; patches for Chrome, Firefox, and Safari are expected soon. The researchers add, "Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18% of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66% of VPN servers and 26% of SSH servers. A close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break." Here is their full technical report (PDF).
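To make the downgrade concrete, here is an added example (not code from the Logjam paper or from this story): it encodes and parses the TLS 1.2 ServerKeyExchange body for a DHE suite, grades the group by size, and simulates the man-in-the-middle rewriting the ClientHello to export suites and relabelling the server's choice. The cipher-suite numbers are the real ones from the TLS spec; the moduli, private exponent and the toy server/client are constructed for the simulation and are not real primes or real implementations. The simulation stops at the point where the client accepts the 512-bit group; in the real attack the adversary must still solve that 512-bit discrete log fast enough to forge the Finished messages, which is what the precomputation buys.

```python
import struct

# Cipher-suite IDs from the TLS 1.0 spec (RFC 2246, Appendix A.5) that negotiate
# export-grade Diffie-Hellman; a server answers them with a <=512-bit group.
EXPORT_DH_SUITES = {0x000B, 0x000E, 0x0011, 0x0014, 0x0017, 0x0019}
DHE_RSA_EXPORT_DES40 = 0x0014   # TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
DHE_RSA_AES128_SHA = 0x0033     # TLS_DHE_RSA_WITH_AES_128_CBC_SHA (non-export)

# Constructed placeholder moduli for the simulation. They are NOT primes and NOT
# the real Apache or RFC groups; only their bit length matters here.
P_EXPORT_512 = (1 << 511) | 0x1234567
P_STRONG_2048 = (1 << 2047) | 0x89ABCDEF
G = 2


def _vector16(data: bytes) -> bytes:
    """Encode a TLS opaque<1..2^16-1> vector (2-byte length prefix)."""
    return struct.pack("!H", len(data)) + data


def _read_vector16(buf: bytes, off: int):
    (n,) = struct.unpack_from("!H", buf, off)
    off += 2
    if off + n > len(buf):
        raise ValueError("truncated ServerDHParams")
    return buf[off:off + n], off + n


def encode_server_dh_params(p: int, g: int, ys: int) -> bytes:
    """ServerDHParams { dh_p, dh_g, dh_Ys } as carried in ServerKeyExchange (RFC 5246 7.4.3)."""
    def be(x: int) -> bytes:
        return x.to_bytes((x.bit_length() + 7) // 8, "big")
    return _vector16(be(p)) + _vector16(be(g)) + _vector16(be(ys))


def parse_server_dh_params(body: bytes) -> dict:
    """Parse p, g, Ys; anything after them is the signature over the params."""
    p, off = _read_vector16(body, 0)
    g, off = _read_vector16(body, off)
    ys, off = _read_vector16(body, off)
    return {"p": int.from_bytes(p, "big"), "g": int.from_bytes(g, "big"),
            "Ys": int.from_bytes(ys, "big"), "trailer": body[off:]}


def dh_group_verdict(p: int) -> str:
    """Grade a server's DH modulus by size; this is the check browsers lacked."""
    bits = p.bit_length()
    if bits < 1024:
        return "export-grade"   # 512-bit: breakable after a one-off precomputation
    if bits < 2048:
        return "weak"           # 1024-bit: within reach of a well-funded precomputation
    return "ok"


# --- the downgrade as a three-party simulation (toy client and server) ---

def mitm_rewrite_client_hello(offered: list) -> list:
    """Leave only export DH suites in the ClientHello so the server picks one.
    If the victim offered none, the MITM simply inserts one."""
    return [s for s in offered if s in EXPORT_DH_SUITES] or [DHE_RSA_EXPORT_DES40]


def server_respond(offered: list) -> tuple:
    """A server that still enables DHE_EXPORT: picks the first suite it supports
    and sizes the DH group to match."""
    supported = [DHE_RSA_AES128_SHA, DHE_RSA_EXPORT_DES40]
    chosen = next(s for s in supported if s in offered)
    p = P_EXPORT_512 if chosen in EXPORT_DH_SUITES else P_STRONG_2048
    ys = pow(G, 0x1EADBEEF, p)   # server public value for a constructed private exponent
    return chosen, encode_server_dh_params(p, G, ys)


def client_accepts(wanted: int, seen_suite: int, ske: bytes, min_bits: int) -> bool:
    """Pre-Logjam clients checked only the suite name, not the group size
    (min_bits=0). Patched clients enforce a floor on the modulus size."""
    if seen_suite != wanted:
        return False
    return parse_server_dh_params(ske)["p"].bit_length() >= min_bits


def run_downgrade(client_min_bits: int) -> bool:
    """True if the MITM gets the client to accept a 512-bit group."""
    offered = [DHE_RSA_AES128_SHA]
    chosen, ske = server_respond(mitm_rewrite_client_hello(offered))
    # The MITM relabels the server's export choice as the suite the client asked
    # for. The ServerKeyExchange bytes (and the server's signature, which covers
    # only the randoms and the DH params) are identical for export and non-export
    # DHE, so the relabelling is not detected until the Finished exchange.
    relabeled = DHE_RSA_AES128_SHA if chosen in EXPORT_DH_SUITES else chosen
    return client_accepts(DHE_RSA_AES128_SHA, relabeled, ske, client_min_bits)


if __name__ == "__main__":
    print("unpatched client accepts 512-bit group:", run_downgrade(0))
    print("client with 1024-bit floor accepts it:", run_downgrade(1024))
```

Running it shows the unpatched client (no size floor) accepting the 512-bit group while a client that enforces a 1024-bit minimum aborts; on the server side, disabling the export suites and serving a freshly generated 2048-bit group removes both the downgrade target and the shared-prime precomputation risk the researchers describe.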

Time for a complete overhaul?

[Update: Thanks to Canopic Jug for locating and providing a link to the Common Vulnerabilities and Exposures entry CVE-2015-4000; check there for official information and updates.]

  • (Score: 4, Insightful) by wonkey_monkey on Thursday May 21 2015, @07:55AM

    by wonkey_monkey (279) on Thursday May 21 2015, @07:55AM (#185934) Homepage

    Breaking the single, most common 1024-bit prime used by web servers

    Well, that sounds like a security risk for a start. Shouldn't they all be using different 1024-bit primes?

    --
    systemd is Roko's Basilisk
  • (Score: 2, Informative) by Anonymous Coward on Thursday May 21 2015, @08:02AM

    by Anonymous Coward on Thursday May 21 2015, @08:02AM (#185938)
    Generating new DH parameters is an expensive and time-consuming task. I've tried to do this for my OpenVPN setups and it takes quite a bit of time (about an hour as I recall, but that's for a 4096-bit DH), and both client and server sides have to agree on which DH parameters ought to be used.
    • (Score: 2) by kaszz on Thursday May 21 2015, @08:04AM

      by kaszz (4211) on Thursday May 21 2015, @08:04AM (#185940) Journal

      Use a DSP or FPGA?

    • (Score: 2) by wonkey_monkey on Thursday May 21 2015, @12:54PM

      by wonkey_monkey (279) on Thursday May 21 2015, @12:54PM (#186003) Homepage

      I actually only meant it as a joke, because it sounds like all servers are using the same single prime number. But I still got Insightful.

      --
      systemd is Roko's Basilisk
      • (Score: 3, Informative) by monster on Thursday May 21 2015, @04:21PM

        by monster (1260) on Thursday May 21 2015, @04:21PM (#186064) Journal

        Well, looks like your joke agrees with Bruce Schneier [schneier.com]:

        The good news is now that we know reusing prime numbers is a bad idea, we can stop doing it.

        Maybe Insightful wasn't off the mark, after all.

        • (Score: 3, Insightful) by janrinok on Thursday May 21 2015, @06:41PM

          by janrinok (52) Subscriber Badge on Thursday May 21 2015, @06:41PM (#186143) Journal
          Maybe we have underestimated the number of idiots out there....