May 20, 2015 · I heard there is a "new" TLS vulnerability named Logjam, what does it do and how do I prevent it?

May 20, 2015 · First off, Logjam only applies to 'classic' aka integer aka modp aka Zp DH (E), not ever ECDH (E). Second, you were apparently using OpenSSL 1.1.1 which supports TLS1.3 -- which …

May 21, 2015 · In response to Logjam I want to prove I've hardened my services. I know that the DH param has to be 2048 bits at least and self generated. But I am unable to find a way to actually …

May 22, 2015 · Does the recommended course of action for preventing Logjam on Tomcat servers really eliminate all risks of weak DH keys? Ask Question Asked 10 years, 8 months ago Modified 10 years, …

Feb 1, 2016 · Most likely I am missing some fundamentals: Our web servers are secured with TLS encryption. We use RSA-2048 bit certificates. The logjam attack targets the DH algorithm. How can …

Jul 4, 2017 · In Logjam attack, the client presents a list of cipher suites (includes some strong cipher and EXPORT cipher as well). A Man-in-the-Middle attack will change this request such that highest grade …

May 21, 2015 · According to the Diffie-Hellman key exchange get affected by logjam, and openID uses this to establish an association. So how this going to affect OpenID?

Jun 25, 2015 · In answer to your second question, for logjam to work, both the client AND the server have to support the old "export 512 bit DH connections". This is fixed by simply re-configuring the …

LogJam hardening OpenSSH and testing it [duplicate] Ask Question Asked 10 years, 7 months ago Modified 10 years, 1 month ago

Jun 10, 2015 · For more info see my answers to these questions: Securing Chrome against Logjam on Windows and How to Check if a server is not vulnerable to logjam?