Logjam is a vulnerability in TLS implementations. It targets the Diffie-Hellman key exchange and allows downgrading the security if the server supports weak DH keys.
Questions tagged [logjam]
8 questions
22
votes
2 answers
Why is Mozilla recommending predefined DHE groups?
In a revision dated 2016-10-31, Mozilla changed their Server Side TLS recommendation from generating a random DH group to the ones published in RFC 7919. Mozilla claims:
These groups are audited and may be more resistant to attacks than ones…
willwill
- 495
- 5
- 9
9
votes
3 answers
Does the recommended course of action for preventing Logjam on Tomcat servers really eliminate all risks of weak DH keys?
Can anyone verify this fix secures against the Logjam vulnerability for Apache Tomcat?
I'm sceptical about it's effectiveness, since it doesn't mention how to implement the user defined 2048 bit DH parameter file in Tomcat, but its cipher list does…
Casper
- 93
- 1
- 6
3
votes
1 answer
Setup Wireshark to decrypt TLS_DHE
I have a passively sniffed traffic dump of client/server were packets are encrypted with cipher suite
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
With a Logjam attack I managed to find the DH private key.
How do I setup Wireshark to…
Sirt
- 33
- 1
- 4
2
votes
0 answers
Clarification on DH groups
Nikto reports the following via the "ssl-dh-params" NSE script:
Check results:
| WEAK DH GROUP 1
| Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
| Modulus Type: Safe prime
| Modulus Source: mod_ssl…
SilverlightFox
- 33,408
- 6
- 67
- 178
0
votes
0 answers
How to PoC the CVE-2015-4000 logjam vulnerability
I ran testssl.sh on a server and can see that it is vulenrable to logjam.
Now I am interested in doing a PoC to validate the server is exploitable to this vulenrability.
I searched through google but most articles explain the vulnerability and how…
ethicalhacker
- 27
- 6
0
votes
2 answers
Command to check a website is vulnerable to Logjam
I am referring this post https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/ and trying to see a website is vulnerable to Logjam or not.
I try with www.google.com:443 but I am getting Server Temp Key: X25519, 253 bits. Does…
Panadol Chong
- 101
- 1
0
votes
1 answer
Logjam definition question
As I understand it, the Logjam TLS attack is an attack that downgrades the DHE cipher suite used by the server to DHE_EXPORT. Where the client thinks it is talking DHE 512 and the server things it's talking DHE_EXPORT (which is 512 but with a…
Wealot
- 879
- 2
- 12
- 25
0
votes
1 answer
How can a RSA-2048 certificate be vulnerable to logjam attack?
Most likely I am missing some fundamentals: Our web servers are secured with TLS encryption. We use RSA-2048 bit certificates. The logjam attack targets the DH algorithm. How can our web servers be vulnerable to the logjam attack? Is a combination…
gunnar247
- 13
- 2