Tuesday, May 23, 2017

Many web sites are vulnerable to Logjam


A new SSL protocol security vulnerability

A new security vulnerability has been discovered in the SSL (Secure Sockets Layer) protocol by researchers at Microsoft Research, the universities of Pennsylvania, Johns Hopkins and Michigan, and INRIA, the French research institute. Like the FREAK flaw discovered last March, the new flaw, called Logjam, stems from a US government measure of the 1990s prohibiting the export of software products that use strong encryption keys. This legislation, passed in the name of national security, led to the use of 512-bit keys; and even after its repeal, many browsers have continued to accept such weak encryption to secure data.

Through a man-in-the-middle attack, an attacker can intercept the negotiation of a secure connection between a browser and a web or mail server. At this stage, the strongest algorithm supported by both sides should in principle be chosen to encrypt the connection. But by exploiting the Logjam flaw, the attacker can trick the web server into using a 512-bit key, which is far easier to break. The weakly encrypted data sent by the browser can then be decrypted in minutes, said Matthew D. Green, one of the researchers who discovered the flaw.

The flaw lies in an algorithm called the "Diffie-Hellman key exchange", which lets protocols negotiate a shared key and establish a secure connection.

Websites, mail servers and other systems that support DHE_EXPORT ciphers are vulnerable to Logjam. The flaw has existed for over two decades, says Green; to exploit it, the attacker needs to be on the same network as the victim.
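As an added illustration, not part of the original article: the key exchange described above carried out in Python over a deliberately tiny group, with a brute-force discrete-log recovery that shows why a small modulus gives no protection, followed by a defender-side check of a server cipher list for the export-grade DHE suites (DHE_EXPORT, named EXP-EDH-* in OpenSSL) that Logjam abuses. The sample cipher list, the 2048-bit threshold and the function names are assumptions of this example, not something the article states.

```python
"""Added example (not from the article): a textbook Diffie-Hellman exchange
over a tiny group, plus an audit of a TLS cipher list for export-grade DHE
suites. All sample data below is constructed for the example."""
import secrets


def dh_exchange(p, g):
    """Both sides pick a private exponent, exchange public values g^x mod p
    and derive the same shared key. Returns (A, B, shared_key)."""
    a = secrets.randbelow(p - 2) + 1   # client private exponent, 1..p-2
    b = secrets.randbelow(p - 2) + 1   # server private exponent, 1..p-2
    A = pow(g, a, p)                   # client public value
    B = pow(g, b, p)                   # server public value
    k_client = pow(B, a, p)            # client computes g^(ab) mod p
    k_server = pow(A, b, p)            # server computes g^(ab) mod p
    assert k_client == k_server
    return A, B, k_client


def brute_force_dlog(p, g, A):
    """Recover an exponent a with g^a mod p == A by exhaustive search.
    Only feasible because p is tiny; it illustrates the principle that the
    security of the exchange rests entirely on the size of the group."""
    for a in range(p):
        if pow(g, a, p) == A:
            return a
    return None


# Constructed sample: an OpenSSL-style cipher list of the kind found in a web or
# mail server configuration. EXP-EDH-* suites are the DHE_EXPORT suites.
SAMPLE_CIPHER_LIST = (
    "ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA:"
    "EXP-EDH-RSA-DES-CBC-SHA:EXP-DES-CBC-SHA:AES128-SHA"
)

# Assumed minimum size for server DH parameters (example threshold).
MIN_DH_BITS = 2048


def audit_cipher_list(cipher_list, dh_param_bits):
    """Return a list of (item, reason) findings for a colon-separated cipher
    list and the bit length of the server's DH parameters."""
    findings = []
    for suite in cipher_list.split(":"):
        if suite.startswith("EXP") or "EXPORT" in suite:
            if "EDH" in suite or "DHE" in suite:
                findings.append((suite, "export-grade DHE suite (DHE_EXPORT): "
                                        "enables a Logjam downgrade, remove it"))
            else:
                findings.append((suite, "export-grade RSA suite: remove it"))
    if dh_param_bits < MIN_DH_BITS:
        findings.append(("dh_params", f"{dh_param_bits}-bit DH parameters are "
                                      f"below the {MIN_DH_BITS}-bit minimum"))
    return findings


if __name__ == "__main__":
    p, g = 467, 2                      # toy prime and generator, far too small for real use
    A, B, k = dh_exchange(p, g)
    print(f"shared key {k}; exponent recovered by brute force: {brute_force_dlog(p, g, A)}")
    for item, reason in audit_cipher_list(SAMPLE_CIPHER_LIST, 1024):
        print(f"{item}: {reason}")
```

The audit flags the two export suites and the undersized DH parameters; a list with only modern suites and 2048-bit parameters yields no findings, which is the state a server patched against FREAK and Logjam should be in.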

Logjam was quietly reported to browser vendors. While Microsoft patched its Internet Explorer browser last week, fixes for other programs, such as Firefox and Apple's Safari browser, should be published very soon.

About 7% of websites are vulnerable to Logjam, rising to 8.4% among the top 1 million website domains. But the biggest problem seems to be mail servers. "The big problem is that the software that people use to run mail servers is not as well maintained," Green said. "They simply install them and forget them. Many default configurations that are shipped with [the software] are bad," he added.

The rate of vulnerability to Logjam has been reduced because steps have already been taken to correct the FREAK flaw. The security report notes that organizations and companies that have patched their software against FREAK will not be vulnerable to Logjam, since those patches removed the software's ability to use the weaker ciphers.

Last modified on Thursday, 04 June 2015 15:30

