{{Short description|Security vulnerability in Diffie–Hellman key exchange}}
'''Logjam''' is a [[Vulnerability (computing)|security vulnerability]] against asystems that use [[Diffie–Hellman key exchange]] rangingwith fromthe same prime number. It was discovered by a team of computer scientists and publicly reported on May 20, 2015. The discoverers were able to demonstrate their attack on 512-bit ([[export of cryptography from the United States|US export-grade]]) toDH systems. They estimated that a state level attacker, could do so for 1024-bit keyssystems, then widely used, thereby allowing decryption of a significant fraction of Internet traffic. They recommended upgrading to at least 2048-bits for shared prime systems.<ref name="paper">{{cite web |url=https://weakdh.org |title=The Logjam Attack |website=weakdh.org |date=2015-05-20}}</ref> It was discovered by a group of computer scientists and publicly reported on May 20, 2015.<ref>{{cite web |url=https://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ |title=HTTPS-crippling attack threatens tens of thousands of Web and mail servers |author=Dan Goodin |website=[[Ars Technica]] |date=2015-05-20}}</ref><ref>{{cite news |url=http://www.zdnet.com/article/logjam-security-flaw-leaves-tens-of-thousands-of-https-websites-vulnerable/ |title=Logjam security flaw leaves top HTTPS websites, mail servers vulnerable|author=Charlie Osborne |work=[[ZDNet]] |date=2015-05-20}}</ref><ref>{{cite news|url=https://www.wsj.com/articles/new-computer-bug-exposes-broad-security-flaws-1432076565|title=New Computer Bug Exposes Broad Security Flaws|work=The Wall Street Journal|first=Jennifer|last=Valentino-DeVries|date=2015-05-19|url-access=subscription}}</ref>
