After Heartbleed, Logjam is the new SSL problem


Wednesday, May 20, 2015

A good number of universities and organizations discovered the problem and published a detailed report about the weakness. They found that the bug affects the algorithm called the "Diffie-Hellman key exchange" which creates a secure connection for a wide range of protocols (HTTPS, SMTPS, etc.).

The bug allows a middle-man to downgrade the encryption of your connection to 512 bits, which is enough for it to be easily decryptable. Large organizations with access to lots of computing power (I'm looking at you NSA) might even be able to decrypt stronger encryptions.

We strongly recommend you test to see if your website is vulnerable. If the box is red and you're worried about your data's encryption, contact your webmaster.

News