Logjam flaw crimps TLS encryption

A newly discovered TLS vulnerability that affects thousands of websites, servers and browser users could allow attackers to bypass encryption.

An international team of researchers has released a paper showing a significant vulnerability in the Transport Layer Security (TLS) protocol that allows attackers to downgrade the encryption used over secure connections to a point where it can be broken.

Based on an Internet-wide scan it performed, the research team estimates that 8.4% of the top million Internet domains are susceptible to the TLS vulnerability, known as Logjam. Additionally, the majority of commonly used browsers are at least theoretically vulnerable to Logjam.

The attack can be mounted at varying degrees of vulnerability based on the size of the prime numbers used in key generation. Attacks based on 512-bit primes, the researchers say, are well within the reach of ordinary hackers (though a certain amount of math savvy may be required). In instances where the communication downgrades to larger primes, the researchers feel the attack is well within the reach of nation-state adversaries. In fact, the researchers said that close examination of leaked NSA documents “shows that the agency’s attacks on VPNs are consistent with having achieved such a break,” according to the Logjam research paper.

Kevin Bocek, vice president of security strategy and threat intelligence at SSL encryption vendor Venafi, noted that “weakened encryption protocols like this one with Diffie-Hellman are a disaster waiting to happen.”

“Heartbleed, LogJam, FREAK, Superfish and so many other examples reinforce that there’s too much blind trust when it comes to SSL/TLS, certificates and trust. And I have no doubt that we’ll continue to find many more protocol, crypto and certificate vulnerabilities out there lurking,” Bocek said.

At a website dedicated to describing the flaw (and testing browsers to see if they are vulnerable), the team explained the general outline of the attack: “Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols, including HTTPS, SSH, IPsec, SMTPS and protocols that rely on TLS. While the fundamentals of Diffie-Hellman exchange remain unproblematic, the team said it has ‘uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed.'”

A full description of the technical details are included in the paper authored by the team, comprising researchers at Inria Nancy-Grand Est, Inria Paris-Rocquencourt, Microsoft Research, Johns Hopkins University, University of Michigan and the University of Pennsylvania.