According to a recent report from Ars Technica, millions of HTTPS sites, mail servers and other online services could be left vulnerable by a security bug that could allow cyber-criminals to snoop on and modify encrypted data.
A team of computer scientists released the report this week. According to it, the issue is caused by a vulnerability in an algorithm that lets two parties establish a secure connection: the Diffie-Hellman key exchange.
It can be exploited through an attack labelled Logjam, which allows a third party to intercept the data for their own benefit.
According to ZDNet, the Logjam flaw could have a wide-scale impact: the computer scientists estimate that a successful attack might leave as much as 18 percent of the top 1 million HTTPS websites on the Internet open to eavesdropping.
The report states, “Millions of HTTPS, SSH, and VPN servers all use the same prime numbers for Diffie-Hellman key exchange.”
“Practitioners believed this was safe as long as new key exchange messages were generated for every connection. However, the first step in the number field sieve – the most efficient algorithm for breaking a Diffie-Hellman connection – is dependent only on this prime. After this first step, an attacker can quickly break individual connections.”
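The report's point, that the expensive step depends only on the prime, can be seen at toy scale. The following is an added example, not code from the paper or this article: it substitutes baby-step giant-step for the number field sieve, uses a constructed 31-bit prime, and all names in it are illustrative.

```python
"""Toy model: discrete-log precomputation depends only on the group (p, g)."""
import math
import secrets

P = 2_147_483_647  # constructed toy prime (2**31 - 1); deployed groups are 1024+ bits
G = 7              # base used for every exchange in this toy group

def precompute(p, g):
    """One-time work per group: table g^j -> j. Uses no per-connection data."""
    m = math.isqrt(p - 1) + 1
    table, val = {}, 1
    for j in range(m):
        table.setdefault(val, j)
        val = val * g % p
    giant = pow(g, -m, p)  # g^(-m) mod p (Python 3.8+)
    return m, table, giant

def recover_exponent(public, p, m, table, giant):
    """Per-connection work: find x with g^x == public, reusing the group table."""
    gamma = public
    for i in range(m):
        j = table.get(gamma)
        if j is not None:
            return i * m + j
        gamma = gamma * giant % p
    return None

def break_connections(n, p=P, g=G):
    """Run n exchanges with fresh secrets on one shared group and count how
    many shared secrets a passive observer derives from the public values."""
    m, table, giant = precompute(p, g)    # paid once for the whole group
    broken = 0
    for _ in range(n):
        a = secrets.randbelow(p - 2) + 1  # fresh client secret per connection
        b = secrets.randbelow(p - 2) + 1  # fresh server secret per connection
        A, B = pow(g, a, p), pow(g, b, p) # values visible on the wire
        x = recover_exponent(A, p, m, table, giant)
        if x is not None and pow(B, x, p) == pow(B, a, p):
            broken += 1
    return broken

if __name__ == "__main__":
    print("connections broken with one precomputation:", break_connections(20))
```

Fresh per-connection secrets do not help here because the table never depends on them, which is why the defence is a larger prime, and ideally one not shared with millions of other servers.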
The Logjam attack is believed to be similar to the HTTPS-breaking FREAK attack, which was reported by many security blogs recently, except that it is caused by a security flaw in the TLS protocol rather than an implementation problem.
The researchers advise installing the latest updates for all of your web browsers; Apple, Google, Mozilla and Microsoft are each expected to deploy fixes to their respective browsers very soon.
This attack is the latest in an ever-growing list of vulnerabilities and attack techniques that have seriously undermined a handful of the web’s more widely implemented security protocols, such as TLS and SSL. Apart from the FREAK flaw, the last couple of years have seen the emergence of the CRIME, BEAST, OpenSSL Heartbleed and POODLE attacks.
But the latest discovery may well be the most important one, given its implications for the security of systems such as SSH and VPN servers.
The researchers wrote in their paper, “Our calculations suggest that it is plausibly within NSA’s resources to have performed number field sieve precomputations for at least a small number of 1024-bit Diffie-Hellman groups. This would allow them to break any key exchanges made with those groups in close to real time. If true, this would answer one of the major cryptographic questions raised by the Edward Snowden leaks: How is NSA defeating the encryption for widely used VPN protocols?”