Skip to content
This repository has been archived by the owner on Dec 6, 2023. It is now read-only.

Logjam vulnerability detection #76

Open
klyubin opened this issue May 20, 2015 · 0 comments
Open

Logjam vulnerability detection #76

klyubin opened this issue May 20, 2015 · 0 comments
Assignees
@klyubin
Labels
enhancement

Comments

@klyubin
Copy link
Contributor

klyubin commented May 20, 2015

See https://weakdh.org.

  • By eavesdropping on traffic, nogotofail should be able to detect whether a DH key exchange occurred over a group smaller than 1024 bit -- the current cutoff being deployed as mitigation against Logjam. The catch here is that clients which accept smaller groups will not be flagged unless the server actually uses a smaller group.
  • By MiTMing traffic with servers which support export versions of DH cipher suites, nogotofail should be able to detect clients which accept the resulting smaller DH groups.
@klyubin klyubin self-assigned this May 20, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@klyubin klyubin

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@klyubin