Newly discovered NSA backdoor to TLS and VPN encryption

linp · May 26, 2015

The Logjam Attack ,another vulnerability exploited for who knows how long.....
New encryption flaw, LogJam, puts Web surfers at risk
Bolehvpn statement:

However, notwithstanding the implications of Logjam, BolehVPN is not subject to this vulnerability as we had updated our encryption mechanisms last year to use the 2048 bit Diffie Helman exchange. We continue to be at the forefront of VPN encryption developments and are constantly evaluating the best mix of security and speed.
Click to expand...

Airvpn:

We confirm that:
- in VPN servers we use Diffie-Hellman 4096-bit keys
- in VPN servers we do not use the same prime numbers used by millions of web sites
- our web site does not support DHE_EXPORT
and:
between 2010 and 2014 we anyway used 2048 bit DH, we never implemented 1024 DH in the public service.
That said, we are still investigating whether a TLS downgrade on the Control Channel is possible and, even if it was, how to affect DHE to force one of the sides to a DHE_EXPORT downgrade up to 512 bit.
Click to expand...

SK_Hendrik · May 26, 2015

SecurityKISS VPN servers are safe, because we don't support TLS_RSA_EXPORT/DHE_EXPORT cipher suites.

stapp · May 26, 2015

Ongoing thread here.

https://www.wilderssecurity.com/thre...-of-thousands-of-web-and-mail-servers.376367/

Let's continue there.

Log in or Sign up

Newly discovered NSA backdoor to TLS and VPN encryption

linp Registered Member

SK_Hendrik Registered Member

stapp Global Moderator

Log in or Sign up

Newly discovered NSA backdoor to TLS and VPN encryption

linp Registered Member

SK_Hendrik Registered Member

stapp Global Moderator

Useful Searches