Home / Early Warning / Cybersecurity Highlights / Logjam, another SSL vulnerability

Logjam, another SSL vulnerability

05/20/2015

The Diffie-Hellman protocol, used for key exchangement by others such as HTTPS, SSH IPSec and any other based on TLS, is affected by a vulnerability that allows a MITM attacker downgrade cyphering level to 512 bits. With this security level and using precomputed data, it is possible to quickly guess the key exchanged. This vulnerability reminds of FREAK is not dueto an error in implementation but to an error in TLS protocol.