There’s a new problem with SSL called “Logjam”, here’s what you need to know

It seems like we just got over the Heartbleed vulnerability, but there’s another major flaw with SSL called “logjam” that affects a number of fundamental Web protocols. The bug affects an algorithm called the “Diffie-Hellman key exchange” which allows protocols such as HTTPS, SSH, IPsec, SMTPS to negotiate a shared key and create a secure connection. Researchers from a number of universities and organizations including discovered a number of weaknesses in the algorithm and published a technical report that details its flaws. The attack allows a man-in-the-middle to downgrade security of connections to a lower level of encryption — 512 bit —…

This story continues at The Next Web

from The Next Web

0 Kommentare:

Kommentar veröffentlichen