You are here
Logjam Attack
Last update on 21. May 2015 - 20:09.
A new attack called Logjam [1] targeting Diffie Hellman (DH) Key Exchange in TLS has been released.
Summary
Airlock WAF 4.2.6 may be affected regarding attackers with massive computational power (e.g., nation-state type attackers).
Airlock WAF protects vulnerable back-end systems.
Details
By performing precomputations for specific DH parameters a man-in-the-middle attacker may be able to break a TLS connection using Diffie Hellman Key Exchange. This attack was demonstrated by a group of researches on DH groups with 512 bit primes. The researchers believe that it is within reach of a nation-state attacker to even break 768 bit or 1024 bit primes.
All supported WAF releases use at least 1024 bit primes in the DH key exchange. In Airlock WAF 5.x this key size depends on the key size of the SSL certificate which we recommend to be at least 2048 bits. In Airlock WAF 4.2.6 the DH key size is fixed to 1024 bits due to the underlying Apache httpd 2.2 release.
The security of the TLS configuration regarding Logjam can be verified with the online tool available at [1].
We recommend performing the following checks:
For Airlock WAF 5.x:
- The TLS certificates have a key length of at least 2048 bits.
- The default cipher suite is enabled or an equivalent custom cipher suite with deactivated Diffie Hellman export ciphers is used.
For Airlock WAF 4.2.6.x
- We recommend updating to Airlock 5.x. If this is not possible we recommend deactivating DH ciphers and using ECDH ciphers instead. This can be done by using the following custom cipher suite, which is based on the default cipher suite used in HF4231:
EECDH+AESGCM:EDH+AESGCM:EECDH+AES:EDH+AES:AESGCM:AES:-SSLv3:
EECDH+AES:EDH+AES:EECDH+3DES:EDH+3DES:AES:3DES:
!NULL:!ADH:!kECDH:!DSS:!MD5:!PSK:!aNULL:!SRP:!DES:!EXP:!RC4:!EDH
Please refer to this article for instructions on how to configure a custom cipher suite.