US-CERT/NIST has issued a security advisory, CVE-2015-4000 ("Logjam").
Per NIST: The TLS protocol 1.2 and earlier--when a DHE_EXPORT cipher suite is enabled on a server but not on a client--does not properly convey a DHE_EXPORT choice ... [It] allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
In addition, certain client applications are now enforcing a minimum public key strength requirement for server applications. Some browser applications (such as Chrome and Firefox) will block a TLS-enabled HTTP request if certain strength requirements are not met--even if DHE_EXPORT is not an available cipher. The API Gateway does not support the use of DHE_EXPORT and is not vulnerable to the cipher-downgrade attack, but the default configuration of the API Gateway does result in HTTPS requests being blocked by the browser.
CA Technologies has been reviewing the vulnerability against our product suite to ensure that we understand the full extent of this issue. Based on our findings, we have determined that certain Gateway application configuration directives will need to be changed to accommodate this behavioral change.
A browser that blocks a TLS request for this reason returns one of the following error messages. Either of these error messages means that the API Gateway will need a fix:
Secure Connection Failed: An error occurred during a connection to gateway.domain.com. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
Server has a weak ephemeral Diffie-Hellman public key. ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY
Product(s): CA API Gateway / Firewall / API Proxy / Mobile Access Gateway
Version(s): All versions
Product: CA API Developer Portal
Version(s): Not impacted
Product(s): CA API Gateway / Firewall / API Proxy / Mobile Access Gateway
Version(s): All versions
The TLS providers used by the API Gateway do not provide a sufficiently strong public key component when using ephemeral Diffie-Hellman key exchange. This results in some browsers blocking requests to API Gateways. This behavior can be addressed by disabling all cipher suites that are using plain Diffie-Hellman (DH) or ephemeral Diffie-Hellman (DHE) without elliptic curve cryptography (ECDH or ECDHE). Cipher suites can be adjusted via the SSL/TLS Settings tab of the Listen Port Properties dialog. The procedure for selecting suites is documented here: Selecting Cipher Suites.
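One way to apply the rule above to a list of enabled suite names, as an added example that is not CA's code: it flags every suite whose key exchange is DH or DHE without elliptic curves. The function names, category labels and sample list are assumptions made for illustration, and the example goes beyond the text by also recognizing OpenSSL-style names alongside the IANA/JSSE form.

```python
import re

# Key-exchange field of an IANA/JSSE suite name: TLS_<kx>_WITH_<cipher>_<mac>
IANA_KX = re.compile(r"^(?:TLS|SSL)_(.+?)_WITH_")
# Finite-field (non-elliptic-curve) DH key exchanges; EDH and ADH are OpenSSL aliases.
FF_DH = {"DH", "DHE", "EDH", "ADH"}

def classify(suite):
    """Return 'dh-export', 'dh' or 'no-ffdh' for one cipher suite name."""
    name = suite.strip().upper()
    m = IANA_KX.match(name)
    # IANA/JSSE names separate fields with "_", OpenSSL names with "-".
    tokens = m.group(1).split("_") if m else name.split("-")
    export = any(t.startswith("EXP") for t in tokens)
    tokens = [t for t in tokens if not t.startswith("EXP")]
    if tokens and tokens[0] in FF_DH:
        return "dh-export" if export else "dh"
    # ECDH/ECDHE, RSA, TLS 1.3 suites and unrecognized names land here;
    # this label only means "no finite-field DH key exchange".
    return "no-ffdh"

def audit(suites):
    """Split suite names into (to_disable, remaining) per the advisory's rule."""
    to_disable = [s for s in suites if classify(s) != "no-ffdh"]
    remaining = [s for s in suites if classify(s) == "no-ffdh"]
    return to_disable, remaining

# Constructed sample list; not taken from any product's default configuration.
SAMPLE = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    "DHE-RSA-AES256-SHA",
    "ECDHE-RSA-AES256-GCM-SHA384",
]

if __name__ == "__main__":
    to_disable, remaining = audit(SAMPLE)
    for s in to_disable:
        print(f"disable  {s}  ({classify(s)})")
    for s in remaining:
        print(f"leave    {s}")
```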
Product: CA API Developer Portal
Version(s): Not impacted
The API Developer Portal does not use DHE_EXPORT ciphers and uses a sufficiently strong Diffie-Hellman public key. No action is required.
The 'update-dispatcher.sh' file in the util folder has the list of supported/configured cipher suites. The cipher suites listed in this file are the only ciphers used by the portal.