Nobody likes a logjam. But in the computer world it can be downright dangerous. A new encryption flaw called Logjam could put Web users' data at risk. Logjam allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade Diffie-Hellman cryptography, according to Matthew Green, an assistant research professor in the department of computer science at Johns Hopkins University.
That, in turn, opens the door for attackers to read and modify any data passed over the connection. It is unclear if hackers have tapped into any of the flaws, but news reports are pointing to National Security Agency use of the vulnerability to spy on virtual private networks.
“The attack is reminiscent of the FREAK attack, but is due to a flaw in the TLS protocol rather than an implementation vulnerability, and attacks a Diffie-Hellman key exchange rather than an RSA key exchange,” according to an alert about the flaw from the researchers. “The attack affects any server that supports DHE_EXPORT ciphers, and affects all modern Web browsers. 8.4 percent of the top 1 million domains were initially vulnerable.” (The FREAK flaw allows attackers to decrypt HTTPS-protected traffic passing between vulnerable devices and potentially millions of Web sites.)
What Should Really Concern You
We asked Branden Spikes, founder, CEO and CTO of Spikes Security, which develops technology for secure online Web browsing, for his assessment of the Logjam computer bug. He told us it’s a good move for browsers to raise the bar on encryption key strength.
That's because compute power is increasing and hackers are gaining access to botnets and cryptocurrency mining devices that make key cracking too trivial for comfort, he said.
“What really concerns me about Logjam and vulnerabilities giving hackers access to encrypted Web traffic is that it further exposes browsers to ‘watering hole’ attacks,” Spikes said. “Imagine if attackers gain credentials and access to content authoring suites at popular Web sites, and use this access to maliciously customize trusted content to spread malware via drive-by without any need for phishing.”
It's all well and good that browsers are getting patched to address this, but now the burden rests with users and IT professionals to distribute the patches, he said.
“I think the task of updating billions of browsers on all platforms, including those browsers nested within mobile apps and IOT devices, might be daunting and take a long time,” Spikes concluded. “Suffice to say if Logjam gets exploited in the wild, we’re in for quite a busy summer. Centralized and efficient control of browsers should be top of mind for network administrators.”
Never a Good Idea
Ivan Ristic, director of engineering at cloud security firm Qualys, told us Logjam is yet another reminder that supporting obsolete cryptography is never a good idea. Even though TLS provides a negotiation mechanism that should in theory enable modern clients to communicate using only strong security, in practice there are ways to abuse either the clients or the protocol and perform downgrade attacks, he said.
“Diffie-Hellman key exchange strength is a relatively obscure aspect of TLS protocol configuration,” Ristic said. “Until recently, most Web servers didn't even have an ability to tune this setting, and some servers don't even today.”
Ristic said that wouldn't be a problem, except that most servers default to insecure values. SSL Labs started highlighting servers with weak DH parameters some years ago to raise awareness of this issue.
What You Should Do
According to the security researchers who discovered the flaw, 8.4 percent of the top 1 million domains, 3.4 percent of browser trusted sites, and 14.8 percent of IPv4 address space are vulnerable. Essentially, any Web site, mail server or other TLS-dependent service that supports DHE_EXPORT ciphers is at risk for the Logjam attack.
“If you have a Web or mail server, you should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. Make sure any TLS libraries you use are up-to-date and that you reject Diffie-Hellman groups smaller than 1024-bit,” according to the alert.
“Make sure you have the most recent version of your browser installed, and check for updates frequently. Google Chrome (including Android Browser), Mozilla Firefox, Microsoft Internet Explorer, and Apple Safari are all deploying fixes for the Logjam attack,” the researchers noted.
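The server-side guidance above can be checked against the Diffie-Hellman parameter file a server loads. The following is an added example, not code from the researchers' alert: it reads the prime size out of a PEM `DH PARAMETERS` block and applies the 1024-bit and 2048-bit thresholds. All function names are hypothetical, and the sample values are constructed stand-ins rather than real primes.

```python
import base64

REJECT_BELOW = 1024  # alert: reject groups smaller than 1024-bit
RECOMMENDED = 2048   # alert: generate a unique 2048-bit group

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def dh_prime_bits(pem):
    """Bit length of p in a PEM DH PARAMETERS block (SEQUENCE { p, g })."""
    b64 = "".join(l.strip() for l in pem.splitlines() if "-----" not in l)
    tag, seq, _ = _read_tlv(base64.b64decode(b64), 0)
    if tag != 0x30:
        raise ValueError("expected a DER SEQUENCE")
    tag, p_bytes, _ = _read_tlv(seq, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER p")
    return int.from_bytes(p_bytes, "big").bit_length()

def classify(bits):
    """Apply the alert's two thresholds to a DH group size."""
    if bits < REJECT_BELOW:
        return "reject"
    return "ok" if bits >= RECOMMENDED else "below_recommended"

def _der(tag, value):
    """Encode one DER element (used only to build the constructed samples)."""
    n = len(value)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    head = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + head + value

def make_sample_pem(p, g=2):
    """Constructed sample: wrap arbitrary p, g in the DH PARAMETERS format."""
    ints = b"".join(_der(0x02, x.to_bytes(x.bit_length() // 8 + 1, "big"))
                    for x in (p, g))
    body = base64.encodebytes(_der(0x30, ints)).decode()
    return ("-----BEGIN DH PARAMETERS-----\n" + body
            + "-----END DH PARAMETERS-----\n")

if __name__ == "__main__":
    # Constructed stand-ins, not real primes: only the bit length matters.
    for p in ((1 << 511) | 1, (1 << 1023) | 1, (1 << 2047) | 1):
        bits = dh_prime_bits(make_sample_pem(p))
        print(bits, classify(bits))
```

Passing the text of a server's own parameter file to `dh_prime_bits` gives the size to compare against the thresholds; the check covers group size only, not whether export cipher suites are still enabled.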