OpenSSL has patched a TLS vulnerability which, it is suspected, the NSA exploited to snoop on targets via a main-in-the-middle attack (MITM).
The so-called ‘Logjam’ flaw (CVE-2015-4000) could allow MITM attackers to downgrade vulnerable connections to easily crackable 512-bit cryptography.
Attackers with access to large amounts of compute power could break stronger encryption using the same algorithm, researchers claimed.
“A close reading of published NSA leaks shows that the agency’s attacks on VPNs are consistent with having achieved such a break,” they said.
Logjam was similar to FREAK, although it came from a vulnerability in TLS rather than an implementation flaw, and applied to servers supporting the Diffie-Hellman key exchange rather than RSA.
It is said to have affected 80,000 of the world’s most popular HTTPS websites.
“OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release,” the advisory noted.
OpenSSL 1.0.2 users are now being urged to upgrade to 1.0.2b, while firms on 1.0.1 should upgrade to 1.0.1n.
Six other patches were announced by the body, five of which were rated “moderate” and one “low” severity. Some could allow attackers to launch a denial-of-service attack against a vulnerable system, while at least one other could cause memory corruption.
Open source OpenSSL has been found wanting in recent months, with major flaws such as POODLE, FREAK and Heartbleed all discovered in one of the most widely deployed pieces of software in the world.
This forced the Linux Foundation’s Core Infrastructure Initiative to throw money at the problem in the form of the Open Crypto Audit Project.
This led to a decision to undertake a major independent audit of the underlying source code, with NCC Group iSEC Partners, Matasano, and Intrepidus Group all announcing their participation.