The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability alert 16951

TLS, SSH, VPN: weakening Diffie-Hellman via common primes

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can obtain the DH keys used by the TLS/SSH/VPN client/server, in order to more easily capture or alter exchanged data.
Vulnerable software: Apache httpd, AnyConnect VPN Client, IVE OS, Juniper SA, lighttpd, nginx, OpenSSH, OpenSSL, Openswan, Postfix, SSL protocol, Sendmail.
Severity of this announce: 2/4.
Consequences of an intrusion: data reading, data creation/edition.
Attacker's origin: internet server.
Creation date: 20/05/2015.
Références of this computer vulnerability: VIGILANCE-VUL-16951.

Description of the vulnerability

The Diffie-Hellman algorithm is used to exchange cryptographic keys. It is used by TLS, SSH and VPNs (IPsec).

Most servers use the same prime numbers (standardized in RFC 3526). An attacker can thus pre-compute values (100000 core CPU hours, so during a week for 512 bits with 100 computers approximately) and use the "number field sieve discrete log algorithm" attack to quickly obtain the used DH keys, and decrypt a session.

The 512 bits sets are considered as broken, and the 1024 bits sets are considered as breakable by a state.

For TLS, this vulnerability can be exploited after Logjam (VIGILANCE-VUL-16950).

An attacker, located as a Man-in-the-Middle, can therefore obtain the DH keys used by the TLS/SSH/VPN client/server, in order to more easily capture or alter exchanged data.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides an applications vulnerabilities announce. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.