How does the Logjam vulnerability affect TLS encryption?

Expert Michael Cobb discusses the TLS protocol flaw dubbed Logjam and explains how to detect if enterprise systems are at risk, as well as how to remediate them.

The Logjam vulnerability downgrades TLS encryption to the point where it can be broken. What are the chances of it affecting enterprises? Is there a way to check if our websites are at risk, and if so, how can we fix the issue?

The Logjam vulnerability (CVE-2015-4000) is yet another newly uncovered "old bug" that affects the Internet's secure communication protocols. A cross-national team of computer scientists found a flaw in the TLS protocol -- not an implementation vulnerability -- relating to the Diffie-Hellman key exchange method that allows Internet protocols to agree on a shared encryption key during the negotiation phase of a secure connection.

This vulnerability can be exploited by an attacker to read and manipulate information passing over a TLS connection that should be secure. The Logjam vulnerability is similar to the recently discovered FREAK flaw, as it allows an attacker to force Web servers and browsers to use weak encryption keys, which can easily be decrypted. To take advantage of Logjam, a hacker needs to launch a man-in-the-middle attack between a client and a server, for example on public Wi-Fi at an airport or café. Note that attackers would need a network presence to carry out this attack on a corporate network.

The chances of an enterprise being affected in some way by Logjam are extremely high, as the Diffie-Hellman key exchange algorithm is fundamental to many protocols, including HTTPS, SSH, IPsec and others that rely on TLS or support Diffie-Hellman key exchanges -- such as secure versions of POP3, IMAP and SMTP. Many VPN services will also be vulnerable due to their use of TLS or IPsec. Skyhigh's Service Intelligence Team found 575 cloud services that were potentially vulnerable to Logjam-based attacks six hours after the issue was disclosed, and 99% of its 400-plus customers were using at least one potentially vulnerable service, with the average being 71 vulnerable services.

The Logjam vulnerability affects any server supporting DHE_EXPORT ciphers and all modern browsers, but thankfully systems that are patched against the FREAK flaw are also protected against Logjam. To check if enterprise systems are vulnerable, administrators can use the free Symantec SSL Toolbox.

As a precaution, administrators should make sure all TLS encryption libraries are up to date -- OpenSSL has added protection against the attack in versions 1.0.2b and 1.0.1n -- and ensure users' browsers are set to auto-update so they receive patches to fix this vulnerability as soon as they're released. Administrators are also advised to generate a unique 2048-bit Diffie-Hellman group for key exchange to prevent pre-computation by hackers looking to launch an attack. Those who use SSH should upgrade both server and client installations to the most recent version of OpenSSH, which prefers Elliptic Curve Diffie-Hellman key exchange. The researchers who discovered the Logjam vulnerability have a webpage offering further guidance on how to strengthen affected servers.
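A check for the 2048-bit recommendation above, as an added example (not from the article or from OpenSSL): it reads a PEM `DH PARAMETERS` file, such as the one a TLS server is configured to use, and reports the size of the prime. The function names and the sample generator are hypothetical, and the sample encodes a number of the right size, not a real group.

```python
import base64

MIN_BITS = 2048  # group size the article recommends

def _read_tlv(buf, pos):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length bytes that follow
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def dh_prime_bits(pem_text):
    """Bit length of the prime p in a PKCS#3 'DH PARAMETERS' PEM block."""
    begin, end = "-----BEGIN DH PARAMETERS-----", "-----END DH PARAMETERS-----"
    if begin not in pem_text or end not in pem_text:
        raise ValueError("no DH PARAMETERS block found")
    body = pem_text.split(begin, 1)[1].split(end, 1)[0]
    seq_tag, seq, _ = _read_tlv(base64.b64decode("".join(body.split())), 0)
    int_tag, p_bytes, _ = _read_tlv(seq, 0)  # first element of the SEQUENCE is p
    if (seq_tag, int_tag) != (0x30, 0x02):
        raise ValueError("expected SEQUENCE { INTEGER p, ... }")
    return int.from_bytes(p_bytes, "big").bit_length()

def audit(pem_text):
    bits = dh_prime_bits(pem_text)
    return bits, "ok" if bits >= MIN_BITS else "weak"

def make_sample_pem(bits):
    """Constructed input: a number of the right size, NOT a real prime or group."""
    def der(tag, raw):
        n = len(raw)
        ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
        return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(ln)]) + ln) + raw
    def integer(v):  # sized so the top bit is clear, keeping the DER INTEGER positive
        return der(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))
    blob = der(0x30, integer((1 << (bits - 1)) | 1) + integer(2))
    return ("-----BEGIN DH PARAMETERS-----\n" + base64.encodebytes(blob).decode()
            + "-----END DH PARAMETERS-----\n")

if __name__ == "__main__":
    print([audit(make_sample_pem(s)) for s in (512, 1024, 2048)])
```

To audit a real server, pass the contents of its configured DH parameters file to `audit()`; a size check says nothing about whether the group is unique to that server.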

This was last published in November 2015