Changes between Version 1 and Version 2 of Logjam


Ignore:
Timestamp:
05/23/15 16:49:07 (3 years ago)
Author:
syzzer
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Logjam

    v1 v2  
    44https://weakdh.org/
    55
    6 The attacks only affects OpenVPN is very limited ways, because:
     6The attacks only affect OpenVPN in very limited ways, because:
    771. OpenVPN encourages users to generate their own DH-group using 'openssl dhparam', instead of using common groups. The man page / examples used to provide 1024 bits DH keys (updated to 2048 recently), and although 1024 bits dh params //can// be broken, that is still //very// expensive. Probably too expensive for your data if you don't share the group with others.
    882. OpenVPN does not support EXPORT DH parameters and thus the TLS rollback attack does not apply to OpenVPN.