Tackling Logjam

Mitigating LogjamWondering what fixing Logjam has to do with security? Keep reading. This logjam is not the literal kind, and it has a lot to do with security.

It is the name of the newest security vulnerability, explained here, or on the technical paper from the same site.

Logjam, as explained by the group of cryptographers who named it, is a flaw in TLS encryption. From their site, “Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.”

There are several weaknesses in how that key exchange is deployed explained in the technical paper. This vulnerability could affect websites, mail servers, and other TLS-dependent services that support the ciphers that are at risk for the Logjam attack.

Read more about who is affected and what to do on https://weakdh.org/


Mitigating Logjam

How is SendThisFile Mitigating Logjam?

As soon as we heard about Logjam, our team went to work researching what it was all about. We currently have Logjam mitigation in place on all of our servers. With this mitigation, users to our service shouldn’t notice anything different and there was no disruption of service. Should you have any technical questions on our mitigation and how it relates to your account, please contact us at 316-942-4707.


Image credit.