[Ninux-Wireless] Weak Diffie-Hellman (The Logjam Attack)

2015-05-20 Thread Germano Massullo
From https://weakdh.org/

Diffie-Hellman key exchange
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange is a
popular cryptographic algorithm that allows Internet protocols to agree
on a shared key and negotiate a secure connection. It is fundamental to
many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that
rely on TLS.

We have uncovered several weaknesses in how Diffie-Hellman key exchange
has been deployed:

 1. *Logjam Attack against the TLS Protocol.* The Logjam attack allows a
man-in-the-middle attacker to downgrade vulnerable TLS connections
to 512-bit export-grade cryptography. This allows the attacker to
read and modify any data passed over the connection. The attack is
reminiscent of the FREAK attack http://freakattack.com, but is due
to a flaw in the TLS protocol rather than an implementation
vulnerability, and attacks a Diffie-Hellman key exchange rather than
an RSA key exchange. The attack affects any server that supports
DHE_EXPORT ciphers, and affects all modern web browsers. 8.4% of the
Top 1 Million domains were initially vulnerable.
 2. *Threats from state-level adversaries.* Millions of HTTPS, SSH, and
VPN servers all use the same prime numbers for Diffie-Hellman key
exchange. Practitioners believed this was safe as long as new key
exchange messages were generated for every connection. However, the
first step in the number field sieve—the most efficient algorithm
for breaking a Diffie-Hellman connection—is dependent only on this
prime. After this first step, an attacker can quickly break
individual connections.

We carried out this computation against the most common 512-bit
prime used for TLS and demonstrate that the Logjam attack can be
used to downgrade connections to 80% of TLS DHE EXPORT servers. We
further estimate that an academic team can break a 768-bit prime and
that a nation-state can break a 1024-bit prime. Breaking the single,
most common 1024-bit prime used by web servers would allow passive
eavesdropping on connections to 18% of the Top 1 Million HTTPS
domains. A second prime would allow passive decryption of
connections to 66% of VPN servers and 26% of SSH servers. A close
reading of published NSA leaks shows that the agency's attacks on
VPNs are consistent with having achieved such a break.

___
Wireless mailing list
Wireless@ml.ninux.org
http://ml.ninux.org/mailman/listinfo/wireless
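
A check a server operator could run against the two weaknesses listed above, as an added example (not part of the original post or of weakdh.org): it parses PKCS#3 `DH PARAMETERS` PEM blocks, grades each prime size against the 512/768/1024-bit figures in the post, and counts how many hosts share a prime. Host names and sample parameters are constructed, and treating every size at or below a threshold as that threshold's grade is an assumption.

```python
import base64
from collections import Counter

HEAD, TAIL = "-----BEGIN DH PARAMETERS-----", "-----END DH PARAMETERS-----"
# Prime sizes from the post and who it says can break them (512-bit: export-grade).
GRADES = ((512, "export-grade"), (768, "academic team"), (1024, "nation-state"))

def _tlv(tag, body):  # DER-encode one element; only used to build the constructed samples
    n = len(body)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw) + body

def make_pem(p, g=2):
    ints = b"".join(_tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big")) for v in (p, g))
    return f"{HEAD}\n{base64.encodebytes(_tlv(0x30, ints)).decode()}{TAIL}\n"

def _read(buf, pos, tag):
    """Return (contents, next_pos) for the DER element with this tag at pos."""
    if pos + 2 > len(buf) or buf[pos] != tag:
        raise ValueError("unexpected DER tag")
    n, pos = buf[pos + 1], pos + 2
    if n & 0x80:  # long form: low 7 bits give the number of length octets
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER")
    return buf[pos:pos + n], pos + n

def parse_dh_pem(pem):
    """Extract (p, g) from a PKCS#3 'DH PARAMETERS' PEM block."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    if len(lines) < 3 or lines[0] != HEAD or lines[-1] != TAIL:
        raise ValueError("not a DH PARAMETERS block")
    seq, _ = _read(base64.b64decode("".join(lines[1:-1])), 0, 0x30)
    p_raw, pos = _read(seq, 0, 0x02)
    g_raw, _ = _read(seq, pos, 0x02)
    return int.from_bytes(p_raw, "big"), int.from_bytes(g_raw, "big")

def grade(bits):
    return next((label for limit, label in GRADES if bits <= limit), "larger than the sizes listed")

def audit(fleet):
    """fleet: {host: pem} -> {host: (prime_bits, grade, hosts_using_this_prime)}."""
    primes = {host: parse_dh_pem(pem)[0] for host, pem in fleet.items()}
    shared = Counter(primes.values())
    return {h: (p.bit_length(), grade(p.bit_length()), shared[p]) for h, p in primes.items()}

# Constructed sample: odd integers of the right size, not real primes or real server data.
SAMPLE = {"web1": make_pem((1 << 1023) | 1), "web2": make_pem((1 << 1023) | 1),
          "legacy": make_pem((1 << 511) | 1), "vpn1": make_pem((1 << 2047) | 1)}

if __name__ == "__main__":
    for host, row in audit(SAMPLE).items():
        print(host, *row)
```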


Re: [Ninux-Wireless] Thursday skill sharing in Rome: netdiff, git, olsr

2015-05-20 Thread Nemesis
We'll do more of them :-)



On 05/19/2015 06:53 PM, Daniela Ruggeri wrote:
 Darn!

 I hope you'll run this skill sharing again, because I can't be there
 this Thursday

 Bye :-)
 Daniela
  
 Key GPG ID: AA2DA887
 
 A warrior accepts his lot, whatever it may be, and accepts it
 in absolute humility. He accepts in humility what he is, and makes of it
 not a reason for regret but a challenge. I know only the humility of the
 warrior, and that will never allow me to enslave anyone.
 Carlos Castaneda.



 On Tuesday, 19 May 2015 18:38, Nemesis neme...@ninux.org wrote:


 On Thursday we're doing skill sharing on netdiff, github and, if there's time, olsrd!

 We'll cover:

  * installing python virtualenvwrapper
  * forking the repository on github and installing your fork
  * trying the library on the Rome topology
  * other tidbits about git and github
  * general features of olsrd

 Requirements for netdiff:

  * a unix OS (ubuntu, kubuntu, fedora, mac osx), a virtual one is fine too
 (for those who use windows)
  * install the git-core package for your unix OS mentioned
 above

 If we don't manage to get to something in time, we'll do it next time :-)

 Cheers!
