When Lazy Administrators Cause A Logjam

A demo of the methods in this article is here.

I had a debate with an administrator the other day. “Are you safe from Logjam?”, “Yes. I patched”, “But how do you know it is okay?”, “Well. I scanned it”, “But what if the scanner is not working right?”.

Overall, the administrator hadn’t understood what the threat was, and just patched without really knowing what had actually been fixed. With Logjam, the problem lies in the prime number settings of OpenSSL. So I’ll provide a basic overview of Logjam and what the core problem was.

Logjam came from the paper “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice”, which found that many Web sites on the Internet used the same prime numbers for Diffie-Hellman key exchange. This allows pre-computed keys to be generated for the values that Bob and Alice will use for their random numbers. It is thought that the NSA, for example, had created large tables of these values, and basically just did a look-up to discover the shared key.

Within Diffie-Hellman key exchange, Bob generates an x value and calculates A:

A=(mod p)

Alice does the same and generates y, and the value of B:

B=(mod p)
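
One way to answer “how do you know it is okay?” without relying on a scanner, as an added example (not code from the original article): parse each server's Diffie-Hellman parameter file (the PKCS#3 `DH PARAMETERS` PEM that OpenSSL reads) and flag primes that are short or reused across hosts. The host names, the 2048-bit threshold and the Mersenne primes used as sample data are assumptions constructed for illustration.

```python
import base64

def read_tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_dh_pem(pem):
    """Return (p, g) from a PKCS#3 DH PARAMETERS PEM: SEQUENCE { INTEGER p, INTEGER g }."""
    b64 = "".join(l for l in pem.splitlines() if not l.startswith("-----"))
    t_seq, seq, _ = read_tlv(base64.b64decode(b64), 0)
    t_p, p_raw, nxt = read_tlv(seq, 0)
    t_g, g_raw, _ = read_tlv(seq, nxt)
    if (t_seq, t_p, t_g) != (0x30, 0x02, 0x02):
        raise ValueError("expected SEQUENCE { INTEGER p, INTEGER g }")
    return int.from_bytes(p_raw, "big"), int.from_bytes(g_raw, "big")

def audit(hosts, min_bits=2048):
    """hosts maps name -> PEM; flag primes below min_bits and primes reused across hosts."""
    by_prime, findings = {}, []
    for name, pem in sorted(hosts.items()):
        p, _ = parse_dh_pem(pem)
        by_prime.setdefault(p, []).append(name)
        if p.bit_length() < min_bits:  # min_bits is an assumed policy threshold
            findings.append((name, f"{p.bit_length()}-bit prime, below {min_bits}"))
    for names in by_prime.values():
        if len(names) > 1:
            findings.append((",".join(names), "prime shared across hosts"))
    return findings

def make_pem(p, g=2):
    """Helper that DER-encodes (p, g) to build the constructed sample data below."""
    def tlv(tag, val):
        n = len(val)
        nb = (n.bit_length() + 7) // 8
        ln = bytes([n]) if n < 128 else bytes([0x80 | nb]) + n.to_bytes(nb, "big")
        return bytes([tag]) + ln + val
    ints = b"".join(tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big")) for v in (p, g))
    b64 = base64.encodebytes(tlv(0x30, ints)).decode()
    return "-----BEGIN DH PARAMETERS-----\n" + b64 + "-----END DH PARAMETERS-----\n"

# Constructed sample: Mersenne primes stand in for the primes three hosts would serve.
SAMPLE = {"web1": make_pem(2**521 - 1), "web2": make_pem(2**521 - 1),
          "web3": make_pem(2**2203 - 1)}
if __name__ == "__main__":
    print(audit(SAMPLE))
```

Run against the parameter files actually deployed, this shows which hosts still present a prime that many other hosts also use, whatever the patch level reports.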

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice