OpenSSL patch fixes encryption flaw and strengthens Logjam defense

A new OpenSSL patch fixes a severe encryption flaw and strengthens the protocol against the Logjam vulnerability.

The OpenSSL project team has released a patch for its cryptographic library to fix a severe vulnerability, which could allow an attacker to decrypt HTTPS communications, and to harden defenses against the Logjam flaw.

The decryption attack vulnerability was discovered in the way OpenSSL handles the Diffie-Hellman (DH) key exchange in certain scenarios. Usually, OpenSSL only uses so-called safe prime numbers, but in OpenSSL 1.0.2, a new way of generating parameter files will reuse a prime number. Theoretically, an attacker could then use this value to decrypt secure communications.

However, the advisory noted that this attack would be difficult to perform, because it would require "the attacker complete multiple handshakes in which the peer uses the same private DH exponent."

Garve Hays, solutions architect at Micro Focus, said the risk should be limited, because the main exposure is in services that provide forward secrecy, such as Gmail, Twitter and Facebook.

"The good news is those organizations are diligent in their patch management process, so the risk will be quickly mitigated," Hays said. "Forward secrecy is a protocol feature wherein the possession of a private key does not allow for the decryption of past messages. Thus, if a private key were obtained, it could not be used to go back and recover older communications."

OpenSSL 1.0.1 is not vulnerable to this kind of attack, so users running version 1.0.2 are urged to install the OpenSSL patch version 1.0.2f.

The new patch also adds new features to further reduce the impact of a Logjam attack. Logjam could allow a man-in-the-middle attacker to downgrade vulnerable TLS connections. A previous OpenSSL patch protected against this attack by rejecting handshakes with DH parameters shorter than 768 bits, and the new patch hardens that protocol to reject parameters shorter than 1024 bits.

Those running OpenSSL 1.0.1 should upgrade to version 1.0.1r to get the additional Logjam security.
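
As an added illustration (not code from OpenSSL or from the original article), the Python example below applies the two size floors mentioned above, 768 and 1024 bits, to a Diffie-Hellman modulus and tests whether it is a safe prime. The function names and result labels are assumptions made for this example; the sample input is the 768-bit Oakley Group 1 modulus published in RFC 2409.

```python
import random

# Size floors from the article: the earlier patch rejected DH parameters
# under 768 bits; the new patch rejects anything under 1024 bits.
OLD_MIN_BITS, NEW_MIN_BITS = 768, 1024

# Sample input: the 768-bit Oakley Group 1 modulus from RFC 2409.
OAKLEY_GROUP1 = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n, rounds=40):
    """Miller-Rabin with random bases (error chance at most 4**-rounds)."""
    if n < 2:
        return False
    for q in SMALL_PRIMES:          # cheap trial division first
        if n % q == 0:
            return n == q
    d, s = n - 1, 0
    while d % 2 == 0:               # write n - 1 as d * 2**s with d odd
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False            # base is a witness: n is composite
    return True

def audit_dh_prime(p, min_bits=NEW_MIN_BITS):
    """Classify modulus p: too-short, not-prime, not-safe-prime or safe-prime."""
    if p.bit_length() < min_bits:   # size floor is checked before anything else
        return "too-short"
    if not is_probable_prime(p):
        return "not-prime"
    # A safe prime has the form p = 2q + 1 with q also prime.
    return "safe-prime" if is_probable_prime((p - 1) // 2) else "not-safe-prime"

if __name__ == "__main__":
    for floor in (OLD_MIN_BITS, NEW_MIN_BITS):
        print(f"floor {floor}: {audit_dh_prime(OAKLEY_GROUP1, floor)}")
```

The same modulus that clears the older 768-bit floor is classified as too short under the 1024-bit floor, which is the behavior change the new patch introduces.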
