Reference: CERT-EU Security Advisory 2015-325

Title: Logjam Attack

Version history:
04.06.2015 Initial publication.

Dear Colleagues,

A new vulnerability in the TLS/SSL protocol, called the Logjam attack, was published in recent days. It allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography (an old mode of operation, still present to support legacy systems that enforce the former US restrictions on the export of cryptography). The attacker can then read and modify any data passed over the connection.

This attack offers a practical "break" of the TLS protocol against poorly configured servers, and affects any server that supports DHE_EXPORT ciphers and all modern web browsers.

The attack takes advantage of the fact that authentication takes place only at the end of the TLS handshake, and relies on the attacker's ability to recover the secret key quickly enough to tamper with the Finished messages of the handshake exchanged with the server. The use of 512-bit export-grade cryptography makes it easier for the attacker to recover the secret key [1,2].

Recommendations:
===============

Web and mail servers should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. A guide for doing this on several operating systems is available at [3]. In any case, consider reviewing the documentation of your specific provider on this issue.

If an affected system supports only DHE_EXPORT ciphers, a risk assessment has to be carried out in order to take a decision about it.

Browsers should be patched to the most recent version.

CERT-EU is probing the public ranges of our constituency in order to discover and report affected systems.

References:
==========

[1] http://blog.cryptographyengineering.com/2015/05/attack-of-week-logjam.html
[2] https://weakdh.org/
[3] https://weakdh.org/sysadmin.html
[4] https://weakdh.org/imperfect-forward-secrecy.pdf

Best Regards,

CERT-EU Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html