Over the past couple of years the industry is regularly presented with SSL/TLS vulnerabilities and each of them has a unique name/buzzword to it. Some of the past buzzwords have are BEAST, FREAK, POODLE, LUCKY THRITEEN & The latest being “Logjam”. In this post we shall explain as to what exactly is Logjam? Is it actually a threat or just another vulnerability jargon? And lastly we shall explain you how to check if you are vulnerable & mitigate the vulnerability.
Logjam –The Vulnerability
The Logjam vulnerability is a TLS vulnerability found in the “Diffie-Hellman-Merkle” cipher. The attack is much similar to the recent FREAK attack in which the client & server are tricked into using a downgraded export cipher. As mentioned above in our case client-servers using 512 Bit -DHM export grade ciphers are vulnerable. So now we need to understand what is an EXPORT GRADE cipher? Technically speaking none of the ciphers are export as during a connection end to end encryption is being used as well as necessary protocols are put into place. But the cryptographic keys that are used into the ciphers are deliberately weakened so that they can be cracked upon later when required.
In the 90’s government agencies used to sell software to its enemies using such keys (Export grade) which when need they could crack and monitor their enemies. Later in the year 2000 the US government abandoned the use of such ciphers, but by that time they had already flourished into the industry and where used in many products at different levels. So organizations also had to keep providing support for the ciphers. The problem with export grade is that over the years the computational power increased but the key lengths were not increased.
The DHM algorithm that is exploited by the vulnerability uses mathematical calculations known as discrete logarithms, short for which are “logs”. The attack uses special logs to jam bogus messages into the data to crack the communication, hence the name “Logjam” was derived.
Logjam - What it takes to launch a successful attack?
One of the most important things to exploit this vulnerability is to have or be able to generate exceptional computing power which can be equivalent to government security agencies or the computational power available at big universities. Let us assume that we have the request power available at our disposal, nevertheless still there are many scenarios which need to be in place for this attack to successful:
- The attackers must select the target beforehand and must be listening to their traffic before performing the attack.
- It is also necessary for the attacker to be already having established the “Man in the Middle” connection or be able to immediately establish once the targets start talking to each other. For e.g. if the attacker is at a coffee shop and listening to the traffic, if his targets are not yet decided or is still not in a position to establish a “Man in the Middle” connection the possibility of finding the same target again is quite rare.
- The attacker needs to have pre computed values that the client will be using or need to have exceptional computational power.
Are you “Vulnerable”?
There are various free tools and website which will help you test your servers, browsers etc. against this attack :
- Keycdn - https://tools.keycdn.com/logjam
- Weakdh - https://weakdh.org/
- Qualys Labs - https://www.ssllabs.com/ssltest/index.html
- Open SSL: openssl s_client -connect www.[yourwebsite/server].com:443 -cipher "EDH" | grep "Server Temp Key"
In the above case if the key is less than 2048 than one should consider themselves to be vulnerable as now a days even 1024 bit keys can be cracked. If the connection fails in the above command than it would mean that there is no support for the DHM on the server and you are safe.
Now another check that is to be done with open SSL is to check if there is support for export grade ciphers disabled:
- Command : openssl s_client -connect www.example:com:443 -cipher "EXP"
In this case if the connection is successful than it means export grade is enabled and one needs to disable it.
For Nmap users the command would be:
- Nmap : nmap --script ssl-enum-ciphers -p 443 www.example.com | grep EXPORT
The researchers who found this vulnerability have come up with a good guide to securely implement the DHM algorithm and defend against the Logjam vulnerability:
We understand that you might be vulnerable to Logjam. But we would recommend you not rush into patching this vulnerability. William Murray a well-known information assurance trainer as nicely said in his recent article “Not all vulnerabilities are problems; not all problems are of same size”. It might be easy for a security agency to crack a 512 or 1024 Bit key but it is also quite expensive for them. When thinking of patching your systems keep in mind the 3rd rule of Adi Shamir “People do not break crypto, they bypass it.”