


























This paper will discuss the Logjam attack on TLS. The Logjam attack allows, under certain conditions, to defeat the security provided by TLS. This is done by manipulating server and client into using weak and deprecated export grade crypto, and subsequently breaking the Diffie-Hellman key exchange. We explore how the attack works conceptually and how exactly TLS is vulnerable to this attack. Also, the conditions under which the attack can be mounted are discussed, and an estimate of the impact of the attack is presented. Lastly, several mitigations are presented.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。