The problem of popular primes: Logjam
This paper addresses a critical security vulnerability in TLS that affects users and systems relying on secure communications.
The paper analyzes the Logjam attack on TLS, which can defeat TLS security by forcing servers and clients to use weak export-grade cryptography and then breaking the Diffie-Hellman key exchange. It also provides an estimate of the attack's impact.
This paper discusses the Logjam attack on TLS. Under certain conditions, the Logjam attack makes it possible to defeat the security provided by TLS. This is done by manipulating the server and client into using weak, deprecated export-grade cryptography and subsequently breaking the Diffie-Hellman key exchange. We explore how the attack works conceptually and how exactly TLS is vulnerable to it. We also discuss the conditions under which the attack can be mounted and present an estimate of its impact. Lastly, we present several mitigations.