Logjam Attack

A critical protocol flaw known as the "Logjam" vulnerability (CVE-2015-4000) has been discovered in Transport Layer Security (TLS) protocol versions 1.2 and earlier. By exploiting this flaw, an attacker can mount a man-in-the-middle (MITM) attack and compromise sensitive information in encrypted client-server communication. The flaw affects both clients (web browsers) and servers that use Diffie-Hellman key exchange. It does not affect RSA key exchange.

Changes made at the NSE end

The following cipher suites have been retained at the server end and are supported for HTTPS communication. Support for other ciphers has been removed.

· TLS_RSA_WITH_AES_128_CBC_SHA
· TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
· TLS_RSA_WITH_AES_128_CBC_SHA256
· TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
· TLS_RSA_WITH_3DES_EDE_CBC_SHA
· TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
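
Added example (not part of the original notice and not NSE's own tooling): a Python check that parses IANA cipher suite names and classifies each by key exchange, showing that none of the six retained suites negotiates finite-field Diffie-Hellman. The comparison suites in CONSTRUCTED_DH and all function names are constructed for illustration.

```python
import re

# The six suites the notice lists as retained on the server.
RETAINED = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
]
# Constructed comparison input (not from the notice): finite-field DH suites.
CONSTRUCTED_DH = [
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
]

SUITE_RE = re.compile(r"^TLS_(?P<kx>[A-Za-z0-9_]+?)_WITH_(?P<cipher>.+)$")

def key_exchange(suite):
    """Return (family, is_export) parsed from an IANA suite name."""
    m = SUITE_RE.match(suite)
    if m is None:
        raise ValueError(f"not an IANA TLS cipher suite name: {suite!r}")
    tokens = m.group("kx").split("_")
    # First token is the key-exchange family: RSA, DH, DHE, ECDH, ECDHE, ...
    return tokens[0], "EXPORT" in tokens

def logjam_exposure(suite):
    """Classify one suite with respect to the Logjam flaw."""
    family, is_export = key_exchange(suite)
    if family not in ("DH", "DHE"):
        return "not finite-field DH"
    if is_export:
        return "export-grade DH (downgrade target)"
    return "finite-field DH (safety depends on group size)"

def exposed(suites):
    """Suites that negotiate finite-field Diffie-Hellman."""
    return [s for s in suites if logjam_exposure(s) != "not finite-field DH"]

if __name__ == "__main__":
    for s in RETAINED + CONSTRUCTED_DH:
        print(f"{s:42} {logjam_exposure(s)}")
```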

 

This change has been promoted to the test environment. Members are requested to check access to https://www.devconnect2nse.com to confirm access to the landing page. The above-mentioned changes will be effective from 18th July 2015. If any assistance is required, members are requested to contact our helpline number.

Contact Number: helpline 1800 22 0057

References:

https://weakdh.org
https://weakdh.org/sysadmin.html