Could the Logjam bug be how the NSA broke VPNs?
A new, potentially high-impact vulnerability, widely reported as the cousin of the FREAK bug, has been revealed by researchers.
Dubbed Logjam, the vulnerability takes advantage of legacy encryption standards imposed in the 1990s by the U.S. government and tricks servers into using weaker 512-bit keys, which can be broken easily. It is effectively a man-in-the-middle attack, weakening the encryption between client and server.
The bug has been found to impact any server supporting DHE_EXPORT ciphers and all modern browsers. Last week Microsoft patched the flaw, while Firefox, Chrome and Safari patches are expected soon.
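As a defensive illustration of the weakness described above (an added example, not code from the researchers or from this article), the Python sketch below audits one TLS handshake: it flags a DHE_EXPORT cipher suite and, separately, measures the Diffie-Hellman prime the server sent. The function names, the 2048-bit policy default and the sample bytes are assumptions made for the example.

```python
import struct

# IANA code points of the two DHE_EXPORT suites (RFC 2246).
DHE_EXPORT_SUITES = {
    0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def read_opaque16(buf, off):
    """Read one TLS opaque<1..2^16-1> field: 2-byte length, then the value."""
    if off + 2 > len(buf):
        raise ValueError("truncated length prefix")
    (n,) = struct.unpack_from("!H", buf, off)
    end = off + 2 + n
    if n == 0 or end > len(buf):
        raise ValueError("bad field length")
    return buf[off + 2:end], end

def dh_prime_bits(server_dh_params):
    """Bit length of dh_p in ServerDHParams (dh_p, dh_g, dh_Ys).
    Anything after dh_Ys (the signature) is ignored."""
    p, off = read_opaque16(server_dh_params, 0)
    _g, off = read_opaque16(server_dh_params, off)
    _ys, off = read_opaque16(server_dh_params, off)
    return int.from_bytes(p, "big").bit_length()

def audit_handshake(selected_suite, server_dh_params, min_bits=2048):
    """Return findings for one handshake. min_bits is an assumed policy
    value; the 512-bit export threshold is the one the article names."""
    findings = []
    if selected_suite in DHE_EXPORT_SUITES:
        findings.append("export suite selected: " + DHE_EXPORT_SUITES[selected_suite])
    # The prime is checked independently of the suite id, because the
    # suite a client sees can be normal DHE while the group is still weak.
    bits = dh_prime_bits(server_dh_params)
    if bits <= 512:
        findings.append("export-grade %d-bit DH prime" % bits)
    elif bits < min_bits:
        findings.append("%d-bit DH prime below policy minimum %d" % (bits, min_bits))
    return findings

def sample_params(bits):
    """Constructed ServerDHParams: dh_p has the right length, not a real prime."""
    p = bytes([0x80]) + bytes(bits // 8 - 2) + b"\x01"
    fields = [p, b"\x02", b"\x01" * len(p)]
    return b"".join(struct.pack("!H", len(f)) + f for f in fields)
```
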
The researchers' findings, published on the site Weakdh.org, also offered a possible explanation for how the NSA attacked VPN services. The flaw in how TLS implements Diffie-Hellman cryptography was suggested as the possible path the NSA took, with the site stating:
"A close reading of published NSA leaks shows that the agency’s attacks on VPNs are consistent with having achieved such a break."
With reports mentioning FREAK and NSA snooping, it is easy to lose sight of the facts. CBR asked 5 security experts their thoughts on the new vulnerability and the potential impact it could have.
1. Impact & scope
Ken Westin, senior security analyst at Tripwire, said:
"This vulnerability is a flaw in the SSL protocol and has been present for more than 20 years and affects HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS, so the vulnerability is very widespread.
"However, to take advantage of this vulnerability an attacker needs to be on the same network as the victim, such as on the same Wi-Fi network, so there is no indication of any remote exploit capability related to this vulnerability at this time."
2. Not a high priority threat
Paco Hope, principal consultant at Cigital, said:
"Mature organisations know whether Logjam is important to them because they have done threat modelling and architecture review of their software, data, and users.
"Logjam requires real-time tampering with an encrypted connection, wholesale capture of your users’ encrypted transmissions with your server, and subsequent decryption of that data hours or days later. If that is a threat that matters to you and your users, you already know this from threat modelling and you need to address this issue with a high priority.
"This is not a high priority threat for many sites and services. More importantly, they are probably threatened by much easier attacks and should address those first. Logjam is important, but mainly for people who have the rest of their software security house in order. If I had a choice of addressing cross-site scripting, broken authorisation, or Logjam, I would fix Logjam last, every time."
3. Long term detrimental effects
Gavin Millard, EMEA technical director at Tenable Network Security, said:
"Logjam is yet another SSL/TLS bug due to the weakened encryption introduced in the 90’s by the U.S. for export purposes, which could impact up to 10% of the top 1 million websites.
"With both sides of the Atlantic debating introducing privileged access to our private data via the Snooper Charter in the UK and the requested 'front door access' in the U.S. we should remember that these flaws, however positioned and politically motivated at the time, can have long term detrimental effects to safe and secure online trade for years to come."
4. Out with the old, in with the new
James Maude, security engineer at Avecto, said:
"The LogJam issue highlights how far back the long tail of security stretches. As new technologies emerge, and cryptography hardens, many simply add on new solutions without removing out-dated and vulnerable technologies. This effectively undermines the security model you are trying to build. Several recent vulnerabilities such as POODLE and FREAK have harnessed this type of weakness, tricking clients into using old, less secure forms of encryption.
"We cannot predict the future so the best option is to be as secure as technology allows. Organisations should not only be looking at what to add but what to remove as part of a strong patch management and update process. Ultimately, security is a journey, not a destination and all aspects need to continuously evolve as we move forward."
5. Agile response, not business as usual
Ollie Whitehouse, technical director at NCC Group, said:
"This issue once again highlights the need for organisations to respond in an agile manner to such vulnerabilities. They have become ‘business as usual’. This ability should typically be underpinned by having detailed asset registers, coupled with both vulnerability management programs and strong relationships with software and equipment producers.
"However, one area where companies are likely to struggle is embedded devices. It is these that will be the long tail when it comes to ensuring a comprehensive response, due to slow or inadequate vendor security sustainment processes."