The Logjam Attack

Last updated: 12/15/15

Official website

https://weakdh.org/

Twitter hashtags

Vulnerability testing tools

Test your browser (client):

Test your server:

Vulnerable browser results

If your browser is vulnerable you will see:

weakdh.org Vulnerable web browser example

weakdh.org: Warning! Your web browser is vulnerable to Logjam and can be tricked into using weak encryption. You should update your browser.

Qualys SSL Labs client test Vulnerable user agent example

ssllabs.com: Your user agent is vulnerable. Upgrade as soon as possible.

Qualys SSL Labs manual Logjam Vulnerability test Vulnerable example

ssllabs.com: Your user agent is vulnerable to the Logjam attack

Vulnerable server results

If the server tested is vulnerable you will see:

weakdh.org Vulnerable server – uses a commonly-shared 1024-bit Diffie-Hellman group

weakdh.org: Warning! This site uses a commonly-shared 1024-bit Diffie-Hellman group, and might be in range of being broken by a nation-state. It might be a good idea to generate a unique, 2048-bit group for the site.

Safe client results

If your browser is safe you will see:

weakdh.org Safe web browser

Good News! Your browser is safe against the Logjam attack.

Safe server results

Two examples of safe server results below:

weakdh.org Safe – uses 2048-bit Diffie-Hellman group

weakdh.org: Good News! This site uses strong (2048-bit or better) key exchange parameters and is safe from the Logjam attack.

weakdh.org Safe – does not use DHE

weakdh.org: Good News! This site is safe from the Logjam attack. It supports ECDHE and does not use DHE.

Secure your browser and server

Logjam timeline

Upcoming

Interesting reads

Additional information

Terms (in order of appearance):

  • DHE – Ephemeral Diffie-Hellman (also commonly referred to as EDH)
  • ECDHE – Elliptic Curve Ephemeral Diffie-Hellman

Content licensing

Content from Qualys licensed under a Creative Commons Attribution 3.0 License (http://creativecommons.org/licenses/by/3.0/us/). No changes were made to the original content.


Creating this post

Jing was used for screenshots and WP Smush was used to remove PNG metadata.