All modern web browsers are vulnerable to the Logjam attack, which takes advantage of weaknesses in the deployment of a popular cryptographic algorithm.
Researchers from several universities and institutions conducted the study that uncovered the issue. In a report published late last week, the researchers describe two attack methods.
Diffie-Hellman key exchange allows Internet protocols such as HTTPS, SSH, IPsec, SMTPS and those that depend on TLS to agree on a shared key and negotiate a secure connection.
In the first method, a man-in-the-middle attacker can downgrade a vulnerable TLS connection to 512-bit export-grade cryptography, which would allow the attacker to read and change the data. It affects all modern web browsers and any server that supports DHE_EXPORT ciphers, the researchers claimed.
The second threat is at a level that is most likely to be implemented by state-sponsored attackers. The researchers say that because millions of HTTPS, SSH and VPN servers use the same prime numbers for Diffie-Hellman key exchange, once one of these primes is broken, an attacker can “quickly break individual connections”.
Testing their method against the most common 512-bit prime used for TLS, they found that the Logjam attack can downgrade TLS connections in 80 percent of cases where the server is using DHE_EXPORT.
The team estimates that an academic team can break 768-bit primes and that a nation-state could break a 1024-bit prime. By breaking one 1024-bit prime, a hacker could eavesdrop on 18 percent of the top one million HTTPS domains. Breaking a second prime would open up 66 percent of VPNs and 26 percent of SSH servers.
“A close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break,” the researchers said.
The researchers have published a paper detailing their findings.
If you run a server, the researchers recommend generating a new 2048-bit DH group.
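As an added example (not code from the researchers or from this article), the following Python sketch reads a PKCS#3 "DH PARAMETERS" PEM block, extracts the size of its prime and grades it against the sizes quoted above. The function names and the `sample_pem` helper are assumptions made for illustration, and the sample input is constructed and is not a real prime.

```python
import base64

def _read_len(der, i):
    """Decode a DER length at offset i; return (length, offset of the value)."""
    first = der[i]
    if first < 0x80:
        return first, i + 1
    n = first & 0x7F
    return int.from_bytes(der[i + 1:i + 1 + n], "big"), i + 1 + n

def dh_prime_bits(pem):
    """Bit length of the prime in a PKCS#3 'DH PARAMETERS' PEM block."""
    if "BEGIN DH PARAMETERS" not in pem:
        raise ValueError("not a DH PARAMETERS block")
    body = "".join(l for l in pem.strip().splitlines() if not l.startswith("-----"))
    der = base64.b64decode(body)
    if der[0] != 0x30:  # DHParameter ::= SEQUENCE { prime INTEGER, base INTEGER, ... }
        raise ValueError("expected SEQUENCE")
    _, i = _read_len(der, 1)
    if der[i] != 0x02:
        raise ValueError("expected INTEGER prime")
    n, i = _read_len(der, i + 1)
    return int.from_bytes(der[i:i + n], "big").bit_length()

def assess(bits):
    """Map a prime size to the risk tiers quoted in the article."""
    if bits <= 512:
        return "FAIL: export-grade size, the Logjam downgrade target"
    if bits <= 768:
        return "FAIL: within reach of an academic team"
    if bits <= 1024:
        return "WARN: within reach of a nation-state"
    if bits < 2048:
        return "WARN: below the recommended 2048 bits"
    return "OK: 2048 bits or more"

def _enc_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def _enc_int(v):
    b = v.to_bytes(v.bit_length() // 8 + 1, "big")  # leaves room for the sign bit
    return b"\x02" + _enc_len(len(b)) + b

def sample_pem(bits):
    """CONSTRUCTED test input: an odd number of the given size, NOT a real prime."""
    body = _enc_int((1 << (bits - 1)) | 1) + _enc_int(2)
    der = b"\x30" + _enc_len(len(body)) + body
    return ("-----BEGIN DH PARAMETERS-----\n" + base64.encodebytes(der).decode()
            + "-----END DH PARAMETERS-----\n")
```

A real parameter file, such as one written by `openssl dhparam -out dhparams.pem 2048`, can be read from disk and passed to `dh_prime_bits` as a string.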
Browser users should update to the latest versions of their browsers. Google Chrome, Firefox, Microsoft and Safari are all deploying fixes for the Logjam attack.
CipherCloud commented on its blog that Logjam is a high-risk vulnerability: “The attack does not rely on social engineering like getting users to click on a link in an email. In previous attacks an element of social engineering was required. The exploit can be accomplished when the attacker and the user are on the same network – a common scenario when users access cloud applications or corporate networks over public WiFi.”