0

I am referring this post https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/ and trying to see a website is vulnerable to Logjam or not.

I try with www.google.com:443 but I am getting Server Temp Key: X25519, 253 bits. Does this mean Google is vulnerable to LogJam?

(The command to use is $ openssl s_client -connect www.example.com:443 -cipher "EDH")

I would like to try this in my SIT IP and port, which is not open to public, so I am not sure the way I do is correct or not.

As my understanding, Google will not likely be vulnerable to Logjam, right?

If you have a better way to verify, kindly advise.

Panadol Chong
  • 101
  • 1
  • Add the command you ran in the question. 253 bits of security in ECDH should be more secure than 8k bits in regular DH. – user Oct 21 '19 at 13:21
  • How can I verify its vulnerable to Logjam or not? – Panadol Chong Oct 22 '19 at 03:04
  • First off, Logjam only applies to 'classic' aka integer aka modp aka Zp DH(E), not _ever_ ECDH(E). Second, you were apparently using OpenSSL 1.1.1 which supports TLS1.3 -- which google also did and does, so by default it was selected and in TLS1.3 ciphersuites no longer control (or even influence) keyexchange. If you use `-no_tls1_3 -cipher EDH` (or better `-cipher DHE` which has been preferred since 1.0.2) you will see that google no longer accepts classic-DH _at all_, and thus does not use _any_ group (at least now, I can't prove for last year). – dave_thompson_085 Jul 19 '20 at 03:03

2 Answers2

0

The openssl commands that site on the post won't work on any modern versions of openssl. Precisely because they are no longer supporting connections to insecure sites by default. You may compile your own version with support for deprecated ciphers, but I guesss you didn't.

The easiest way for you to verify it would be to briefly open it to be reachable by Qualys checker IP addresses and test it with https://www.ssllabs.com, as that will relieve you the burden of checking -with separate tools- all those things.

Ángel
  • 17,578
  • 3
  • 25
  • 60
  • Hi Angel, so sorry that I am too new on this. Can you teach me how to compile the version with support for deprecated ciphers? Actually the main purpose is, the website I support is being reported having vulnerable to Logjam, I first time see this word, thus I just google around and find something to fix. However, I cant test my solution in production environment. I need to verify in SIT first, but SIT ip is not open to public, its in internal network. Thus, I need something to test the result is vulnerable Logjam or not before and after my solution. – Panadol Chong Oct 22 '19 at 03:04
  • It's not the ciphersuites that are deprecated, only too-small groups aka parameters. DHE suites in 1.0-2 still work fine with adequate groups, and standardized (adequate) FFDHE groups still work in 1.3, although in both ECDHE is usually _preferred_. For the versions of OpenSSL with the change (1.0.1n and 1.0.2b up, and all 1.1.x) there is no config or compile option, you'll need to patch. – dave_thompson_085 Jul 19 '20 at 03:07
0

The easiest method would be to use testssl.sh on a Linux system that can access the site. The command below will give you plenty of information about the security of your TLS implementation, including whether or not it is vulnerable to LOGJAM:

./testssl.sh https://yourSIT-IP.com:yourPort

If you just want to test LOGJAM specifically

./testssl.sh https://yourSIT-IP.com:yourPort -J
Unencoded
  • 201
  • 1
  • 7