
SSL-TLS LogJam Vulnerability

High

Synopsis

Servers using Diffie-Hellman key exchanges via SSL or TLS that include the export option are vulnerable to a man-in-the-middle attack.

Description

The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection.

Solution

Disable export cipher suites, and instead deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE).
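
One way to check a server's enabled cipher list against this solution, as an added example that is not part of the original advisory. It assumes the list is given as OpenSSL-style suite names separated by colons (the format `openssl ciphers` prints); the function names and both sample lists are constructed for illustration.

```python
# Added example: audit a resolved OpenSSL cipher list for export-grade suites.
# Assumption: OpenSSL suite naming, where export-grade suites start with
# "EXP-" or "EXP1024-" and the next token names the key exchange.
EXPORT_MARKERS = ("EXP", "EXP1024")
EXPORT_DHE_KX = {"EDH", "DHE"}  # ephemeral Diffie-Hellman at export strength


def classify(suite):
    """Return 'export_dhe', 'export_other', 'ecdhe' or 'other' for one name."""
    tokens = suite.strip().upper().split("-")
    if tokens[0] in EXPORT_MARKERS:
        kx = tokens[1] if len(tokens) > 1 else ""
        return "export_dhe" if kx in EXPORT_DHE_KX else "export_other"
    if tokens[0] == "ECDHE":
        return "ecdhe"
    return "other"


def audit(cipher_list):
    """Group the suites in a colon-separated list and summarise exposure."""
    report = {"export_dhe": [], "export_other": [], "ecdhe": [], "other": []}
    for suite in cipher_list.split(":"):
        if suite.strip():
            report[classify(suite)].append(suite.strip())
    # Export-grade DHE suites are what the downgrade described above relies on.
    report["logjam_exposed"] = bool(report["export_dhe"])
    # The stated solution: no export suites at all, and ECDHE deployed.
    report["meets_solution"] = (
        not report["export_dhe"]
        and not report["export_other"]
        and bool(report["ecdhe"])
    )
    return report


# Constructed sample inputs (not taken from any real server).
WEAK = ("ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA:"
        "EXP-EDH-RSA-DES-CBC-SHA:EXP-RC4-MD5")
HARDENED = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384"

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        r = audit(cfg)
        print(label, "logjam_exposed:", r["logjam_exposed"],
              "meets_solution:", r["meets_solution"])
        for s in r["export_dhe"] + r["export_other"]:
            print("  remove:", s)
```
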