Scanning for Weak Diffie-Hellman Groups

In May 2015, newly disclosed research focused on a new vulnerability, coined Logjam, which affected the Diffie-Hellman key exchange component of the TLS protocol. While this research only addressed one part of the multi-faceted cryptographic disclosure, many other services rely on diffie-hellman and are potentially vulnerable. It is critical to be vigilant and conduct regular vulnerability scans to harden infrastructures against aftershock-style attacks. 

In this Whitepaper, you'll learn about:

  • The weaknesses affecting Diffie-Hellman implementations based on modular integer arithmetic;
  • How a new Nmap script designed to detect those weaknesses also helps to identify more subtle vulnerabilities, useful to server administrators and vulnerability scanning teams.

Ready to start the conversation about cybersecurity?

Let's Talk