Content deleted Content added
The 1024-bit thing was actually fully reported in May, just only got publicity now |
2*typo |
||
Line 3:
One vulnerability demonstrated by the authors was using a man-in-the-middle network attacker to downgrade a [[Transport Layer Security]] (TLS) connection to use 512 bit DH export-grade cryptography, allowing him to read the exchanged data and inject data into the connection. It affects the [[HTTPS]], [[SMTPS]], and [[IMAPS]] protocols, among others.<ref>{{cite web |last1=Adrian |first1=David |last2=Bhargavan |first2=Karthikeyan |last3=Durumeric |first3=Zakir |last4=Gaudry |first4=Pierrick |last5=Green |first5=Matthew |last6=Halderman |first6=J. Alex |last7=Heninger |first7=Nadia |last8=Springall |first8=Drew |last9=Thomé |first9=Emmanuel |last10=Valenta |first10=Luke |last11=VanderSloot |first11=Benjamin |last12=Wustrow |first12=Eric |last13=Zanella-Béguelin |first13=Santiago |last14=Zimmermann |first14=Paul |title=Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice |url=https://weakdh.org/imperfect-forward-secrecy.pdf |date=October 2015}}</ref> Its CVE ID is CVE-2015-4000.<ref>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000</ref>
The authors also estimated the feasibility of the attack against 1024 bit Diffie–Hellman primes. By design, many Diffie–Hellman implementations use the same pregenerated prime for their field. This was considered secure, since the [[discrete log problem]] is still
== Responses ==
| |||