HTTPS-Crippling Attack Threatens Thousands of Websites and Email Servers

Status
Not open for further replies.

comfortablynumb15

Level 7
Thread author
Verified
May 11, 2015
326
"Tens of thousands of HTTPS-protected websites, mail servers, and other widely used Internet services are vulnerable to a new attack that lets eavesdroppers read and modify data passing through encrypted connections, a team of computer scientists has found.

The vulnerability affects an estimated 8.4 percent of the top one million websites and a slightly bigger percentage of mail servers populating the IPv4 address space, the researchers said. The threat stems from a flaw in the transport layer security protocol that websites and mail servers use to establish encrypted connections with end users. The new attack, which its creators have dubbed Logjam, can be exploited against a subset of servers that support the widely used Diffie-Hellman key exchange, which allows two parties that have never met before to negotiate a secret key even though they're communicating over an unsecured, public channel.

The weakness is the result of export restrictions the US government mandated in the 1990s on US developers who wanted their software to be used abroad. The regime was established by the Clinton administration so the FBI and other agencies could break the encryption used by foreign entities. Attackers with the ability to monitor the connection between an end user and a Diffie-Hellman-enabled server that supports the export cipher can inject a special payload into the traffic that downgrades encrypted connections to use extremely weak 512-bit key material. Using precomputed data prepared ahead of time, the attackers can then deduce the encryption key negotiated between the two parties.

"Logjam shows us once again why it's a terrible idea to deliberately weaken cryptography, as the FBI and some in law enforcement are now calling for," J. Alex Halderman, one of the scientists behind the research, wrote in an e-mail to Ars. "That's exactly what the US did in the 1990s with crypto export restrictions, and today that backdoor is wide open, threatening the security of a large part of the Web."
"

Yet again we find ourselves with weakened security because of the "need for security". This record is getting played out and dangerous.
 
Last edited by a moderator:
  • Like
Reactions: FireShootSK

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
It seems that Internet Explorer is the only one who isn't vulnerable to this attack...
Windows 8.1 with Chrome - Fail
Windows 8.1 with Firefox - Fail
Windows 8.1 with Internet Explorer 11 - Passed
1.jpg


2.jpg
 
Last edited:
  • Like
Reactions: jamescv7
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top