Another HTTPS vulnerability has started to make its rounds earlier this morning. Dubbed Logjam by its researchers, the vulnerability stems from the US's encryption export mandate back in the 1990s. This particular vulnerability, in the transport-layer security layer protocol, breaks the Diffie-Hellman perfect forward-secrecy. Susceptibility to the vulnerability is depended on servers and clients supporting the DHE_EXPORT encryption scheme, or using a key less-than-or-equal to 1024 bits...
May 20, 2015
Another HTTPS Vulnerability Rattles The Internet
Read more at Phoronix