Skip to main content

Home Logjam


(also Logjam attack)

Logjam definition

Logjam is a security flaw targeting the widely-used Diffie-Hellman key exchange encryption method. In this attack, an intruder can lower the encryption strength of susceptible TLS connections to a weaker form, which can subsequently be breached to access, alter, or misappropriate confidential information.

See also: man-in-the-middle attack

Logjam examples

  • Man-in-the-middle attacks: Logjam allows attackers to intercept and decrypt communication between a client and a server, acting as the man-in-the-middle.
  • Exploiting weak cryptography: By downgrading TLS connections to 512-bit export-grade cryptography, attackers can crack the encryption and gain access to sensitive information.
  • HTTPS connections. Websites that support the DHE_EXPORT ciphers are at risk of the Logjam attack. An attacker can force the use of a weakened, export-grade key, then compute the discrete log for that weak key and decrypt the session. This might expose sensitive data, such as login credentials or personal information.
  • Mail servers. Secure email servers using STARTTLS for SMTP could be vulnerable if they support weak Diffie-Hellman parameters. An attacker could potentially intercept and decrypt emails in transit.

Protecting against Logjam

  • Regularly updated software: Browsers and server software should be kept up-to-date. This is crucial because updates often contain patches for security vulnerabilities.
  • Strong encryption: Servers should be configured to use strong Diffie-Hellman groups.
  • VPNs with robust encryption standards: Such VPNs can secure the internet connection.