Logjam HTTPS exploit downgrades security to get at your data

It seems like every day a new vulnerability is discovered in some Web protocol, and now researchers claim they’ve identified another. Logjam is a hole in the Diffie-Hellman key exchange protocol, a commonly used method of establishing a secure connection. It takes a bit of work to exploit, but with the right access, the bug can potentially spill sensitive data all over the place.

The Logjam exploit starts with a man in the middle attack. Whoever is seeking to access data with Logjam puts themselves between a user and the server, but continues to pass messages back and forth, picking them up on the way. Most modern servers use long algorithms to prevent anyone who isn’t on each end from un-encrypting the data, but the attacker can tell both the client and the server to lower the security level, turning that long algorithm into an easily hacked 512-bit prime number.

Once the 512-bit prime number, a relatively weak encryption method, is unlocked, the attacker has access to any data sent or received between the server and client. They might not even need to turn it down as low as 512 bits, since some research shows that national powers may already have the technology required to crack 768 and 1,024-bit prime numbers.

Thankfully, the fix for Logjam is a relatively simple one, and updates are already rolling out that take care of the issue. Most end users won’t need to do anything except update their browser to the latest version, which is always a good idea, anyway. If you’re running a server, either application or email, you just need to makes sure you’ve updated any libraries or applications you’re using.

If you’re still worried you might be vulnerable, there’s a handy page that will tell you whether your browser is safe or not.