There’s a new vulnerability called Logjam making its way across the internet. The so-called Logjam attack is estimated to affect over 80,000 of the top 1 million most-visited websites in the world today and is primarily targeted towards home and corporate users.
Details of the Logjam vulnerability were first published on weakdh.org. You can visit that website to learn whether your browser is vulnerable to an attack (if the bar at the top of the page is red and angry-looking, then you could potentially be affected by the Logjam exploit).
What is the Logjam Attack?
The Logjam attack relies on something called Diffie-Hellman. Diffie-Hellman is a key exchange used to establish session keys that are a shared secret between two communicating parties.
When you use SSH or TLS (both of which are common security protocols on the web), you could be using Diffie-Hellman session keys in order to transport data securely. As long as nobody else knows your D-H keys, your data will stay safe between the two parties.
Today, Diffie-Hellman is used all across the internet. It’s used in bank transactions, for example, as well as email communications, VPN connections, social media networks, and many more.
Unfortunately, as you’ve probably guessed by now, Diffie-Hellman session keys have the potential to be hacked.
Researchers discovered that “many implementations of Diffie-Hellman on web servers use weaker parameters.”
As a result, certain web servers could be vulnerable. By exploiting this weakness, an attacker could read or alter data on a secure connection by tricking the browser into using weaker, export-grade cryptography.
Here’s what researchers had to say about it:
“We identify a new attack on TLS, in which a man-in-the-middle attacker can downgrade a connection to export-grade cryptography. This attack is reminiscent of the FREAK attack, but applies to the ephemeral Diffie-Hellman ciphersuites and is a TLS protocol flaw rather than an implementation vulnerability.”
Able to Hack 512-bit and 1024-bit Keys
Amazingly, the new attack not only targets 512-bit keys, but also 1024-bit keys. However, in order to crack the 1024-bit keys, you would need access to “nation-state resources”.
That means your average Joe wouldn’t be able to build a computer capable of breaking 1024-bit keys. You would need some of the world’s greatest supercomputers.
This has opened the possibility that organizations like the NSA have already relied on this attack to achieve various state goals.
How to Protect Yourself
As mentioned above, you can check whether your browser is vulnerable by visiting this website: http://weakdh.org
Visit that site and look at the top of the page. You will see either a red bar or a green bar. The red bar features text telling you your browser is out-of-date and vulnerable. The green bar says the opposite.
Chrome, Firefox, Safari, and Internet Explorer developers are all working on updates that would prevent their browsers from accepting anything lower than a 1024-bit key. At this point, key lengths longer than 1024 bits do not seem to be affected by the Logjam exploit.
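The 1024-bit floor described above, sketched as an added example (this is not code from the researchers or from any browser). In TLS the server sends its Diffie-Hellman group in the ServerKeyExchange message as three length-prefixed fields (dh_p, dh_g, dh_Ys); the function names, verdict strings and sample values here are assumptions made for illustration.

```python
import struct

MIN_BITS = 1024  # floor the article says browser vendors are moving to

def read_opaque16(buf, off):
    """Read a TLS opaque<1..2^16-1>: 2-byte big-endian length, then the value."""
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">H", buf, off)
    if n == 0 or off + 2 + n > len(buf):
        raise ValueError("bad field length")
    return int.from_bytes(buf[off + 2:off + 2 + n], "big"), off + 2 + n

def parse_server_dh_params(body):
    """Return (dh_p, dh_g, dh_Ys) from the start of a ServerKeyExchange body."""
    p, off = read_opaque16(body, 0)
    g, off = read_opaque16(body, off)
    ys, _ = read_opaque16(body, off)  # the signature that follows is ignored
    return p, g, ys

def assess(body):
    """Judge the group by the modulus value, not the field length: a
    zero-padded 512-bit modulus in a 128-byte field is still 512 bits."""
    p, _, _ = parse_server_dh_params(body)
    bits = p.bit_length()
    if bits <= 512:
        return bits, "reject: export-grade"
    if bits < MIN_BITS:
        return bits, "reject: below 1024-bit floor"
    if bits == 1024:
        return bits, "accept: within nation-state reach"
    return bits, "accept"

def encode(p, g, ys, width=0):
    """Build a constructed ServerDHParams blob for the demo below."""
    out = b""
    for v in (p, g, ys):
        raw = v.to_bytes(max(width, (v.bit_length() + 7) // 8), "big")
        out += struct.pack(">H", len(raw)) + raw
    return out

# Constructed sample values: right bit length, NOT real Diffie-Hellman primes.
P512, P1024, P2048 = ((1 << (n - 1)) | 1 for n in (512, 1024, 2048))

if __name__ == "__main__":
    for label, blob in [("512", encode(P512, 2, 3)),
                        ("512 padded", encode(P512, 2, 3, width=128)),
                        ("1024", encode(P1024, 2, 3)),
                        ("2048", encode(P2048, 2, 3))]:
        print(label, assess(blob))
```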
At the time of writing, there were no patches available for any major internet browser, so you’re just going to have to hang tight and hope the NSA doesn’t take an interest in your activities over the next few days. Good luck.