
TechWalls


Thousands of websites in critical condition amid an old TLS encryption flaw

Updated on May 22, 2015 by Guest Authors

It’s a shame that several old security flaws that date back to as early as the 1990s continue to be uncovered by researchers in the 21st century. The latest is a critical vulnerability in the Transport Layer Security (TLS) protocol that enables an attack on the communication between a user and thousands of websites and mail servers.

The majority of websites, VPN servers and mail servers at present use the TLS protocol to encrypt network traffic. But researchers from various groups and academic institutions, including the Johns Hopkins University, found that hackers could intercept connections secured by the protocol by lowering the encryption to a level that they can easily circumvent.


That has been made possible by an old TLS flaw called Logjam, first discovered in the 1990s, which has not yet been patched.

It is easy for a potential attacker to conduct the attack: he or she only needs to be on the same network as the victim, such as a public WiFi. What’s more alarming is that the National Security Agency might also have used this vulnerability to spy on private individuals who use secure VPN connections.

At the heart of the flaw are the Diffie-Hellman ciphers used for encryption. Using this algorithm, the server and the browser agree on a shared secret key and establish a secure connection for their communication.

It is hard to imagine how the vulnerability came up, because the Diffie-Hellman algorithm has been a highly secure method for encrypting network traffic due to the fact that its key can be changed constantly. In order to intercept the traffic based on this algorithm, each new key has to be cracked. But that would not be an easy task.

Luckily for hackers, the Logjam vulnerability strips the algorithm of strict measures and allows anyone with technical know-how to downgrade the Diffie-Hellman method’s 2048-bit prime numbers for key generation to only 512-bit primes.

That appears to be an easy task for the NSA, and researchers believe the spy agency can easily determine even the 1024-bit primes.
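A defender can check which of these size classes a server's Diffie-Hellman prime falls into. The following is an added example, not code from the article or the researchers: it parses the `ServerDHParams` structure of a TLS ServerKeyExchange message and grades the prime by bit length. The function names, the grading labels and the sample byte strings are assumptions constructed for illustration, and the sample values are not real primes.

```python
import struct

EXPORT_BITS = 512   # export-grade size the downgrade forces (from the article)
STRONG_BITS = 2048  # size the article gives for the un-downgraded exchange


def encode_vec(data):
    """Encode one TLS opaque<1..2^16-1> vector (used to build the samples)."""
    return struct.pack("!H", len(data)) + data


def read_vec(buf, off):
    """Read one length-prefixed vector; return (data, next_offset)."""
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from("!H", buf, off)
    off += 2
    if n == 0 or off + n > len(buf):
        raise ValueError("empty or truncated vector")
    return buf[off:off + n], off + n


def parse_server_dh_params(buf):
    """Return (dh_p, dh_g, dh_Ys) as integers from a ServerDHParams blob."""
    p, off = read_vec(buf, 0)
    g, off = read_vec(buf, off)
    ys, off = read_vec(buf, off)
    return tuple(int.from_bytes(x, "big") for x in (p, g, ys))


def classify_dh_prime(p):
    """Grade by bit length, so leading zero bytes cannot inflate the size."""
    bits = p.bit_length()
    if bits <= EXPORT_BITS:
        return bits, "export-grade"
    if bits < STRONG_BITS:
        return bits, "weak"
    return bits, "ok"


# Constructed samples: odd numbers of the right size, NOT real primes.
SAMPLE_EXPORT = (encode_vec(((1 << 511) | 1).to_bytes(64, "big"))
                 + encode_vec(b"\x02") + encode_vec(b"\x05" * 64))
# 257-byte encoding with a leading zero byte; the value is still 2048 bits.
SAMPLE_PADDED_2048 = (encode_vec(b"\x00" + ((1 << 2047) | 1).to_bytes(256, "big"))
                      + encode_vec(b"\x02") + encode_vec(b"\x05" * 256))

if __name__ == "__main__":
    for blob in (SAMPLE_EXPORT, SAMPLE_PADDED_2048):
        print(classify_dh_prime(parse_server_dh_params(blob)[0]))
```

The check covers size only; it does not test whether the value is prime or whether the group is otherwise safe.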

It all began in the 1990s, when the U.S. government banned the export of high-grade cryptography products, thus requiring developers to provide only lower-grade security products worldwide. This resulted in weaker encryption that is now in wide use all over the globe.

The flaw can only be used through a man-in-the-middle attack, so it likely affects relatively few users. A patch is also already in the works.

