HTTPS Connections at Risk from ‘Logjam’ Crypto Attack

Posted by at 10:31 am on May 20, 2015


Security researchers have uncovered a new threat that can leave HTTPS-protected connections at risk. The vulnerability, which the researchers have named “Logjam,” is a flaw that affects the Diffie-Hellman key exchange, a cryptographic algorithm that protocols such as HTTPS, SSH, SMTPS, and others use to negotiate secure connections between the server and the browser on the end user’s computer.

Logjam can effectively allow an attacker to use a man-in-the-middle attack to access encrypted traffic. The vulnerability can force the connection down to 512-bit export-grade cryptography, in turn making the encrypted data more easily readable. While this is relatively similar to the recent FREAK attack, the researchers note that it attacks the Diffie-Hellman key exchange instead of an RSA key exchange, and is due to a flaw in the TLS protocol instead of an implementation vulnerability.

According to the researchers, approximately 8.4 percent of the top million domains using HTTPS are vulnerable to Logjam, with POP3S and IMAPS vulnerable in 8.9 percent and 8.4 percent of cases respectively. Internet users are advised to upgrade their browsers, with Safari, Internet Explorer, Firefox, and Chrome updates being deployed, while server owners need to disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group, as well as upgrade to the latest version of OpenSSH.

Ars Technica notes that the issue is partly caused by export restrictions put in place by the US government in the 1990s, to give government agencies the ability to break encryption used in other countries. “Logjam shows us once again why it’s a terrible idea to deliberately weaken cryptography, as the FBI and some in law enforcement are now calling for,” data scientist J. Alex Halderman told the publication. “Today that backdoor is wide open.”

The researchers suggest that the attack can be used to downgrade connections on 80 percent of servers using DHE_EXPORT with a common 512-bit prime, and though an academic team would be able to defeat a 768-bit prime, it is thought that a nation-state could break a 1024-bit prime. If someone did, breaking the single most common 1024-bit prime used by web servers could allow eavesdropping on connections to 18 percent of the top 1 million HTTPS domains, while a second prime could allow for passive decryption of 66 percent of VPN servers and 26 percent of SSH servers. If left unpatched, Logjam would be a potential goldmine for government agencies performing online surveillance.
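For server owners following the 2048-bit advice above, the size of the Diffie-Hellman prime a server is configured with can be read directly from its `DH PARAMETERS` PEM file. The sketch below is an added example, not code from the researchers or the article; the function names, tier labels, and sample parameters are assumptions made for illustration, and sizes between the figures the article quotes are assigned to the next tier up.

```python
import base64

def _tlv(tag, value):
    """Encode one DER tag-length-value (only used to build the samples)."""
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + value

def make_dh_pem(p, g=2):
    """Build a PKCS#3 DHParameter PEM: SEQUENCE { INTEGER p, INTEGER g }."""
    ints = b"".join(_tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big")) for v in (p, g))
    body = base64.encodebytes(_tlv(0x30, ints)).decode()
    return "-----BEGIN DH PARAMETERS-----\n" + body + "-----END DH PARAMETERS-----\n"

def _read_tlv(buf, pos):
    """Decode one DER element at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def dh_prime_bits(pem):
    """Return the bit length of the prime p in a DH PARAMETERS PEM block."""
    body = "".join(l for l in pem.splitlines() if not l.startswith("-----"))
    der = base64.b64decode(body)
    tag, seq, _ = _read_tlv(der, 0)
    ptag, p_bytes, _ = _read_tlv(seq, 0)
    if (tag, ptag) != (0x30, 0x02):
        raise ValueError("not SEQUENCE { INTEGER p, ... }")
    return int.from_bytes(p_bytes, "big").bit_length()

def assess(bits):
    """Map a prime size to the risk tiers the article describes."""
    tiers = ((512, "export-grade"), (768, "academic-team range"), (1024, "nation-state range"))
    for limit, label in tiers:
        if bits <= limit:
            return label
    return "ok" if bits >= 2048 else "below 2048-bit advice"

# Constructed stand-ins of the right size, NOT real primes (only length is audited).
SAMPLES = {bits: make_dh_pem((1 << (bits - 1)) | 1) for bits in (512, 1024, 2048)}
```

This checks size only. It cannot tell whether a group is unique to the server, which is the other half of the researchers' advice.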
