Reference Guide
SSL/TLS Communications 5
RSA BSAFE SSL-J 6.2.6 Security Best Practices Guide
Logjam Vulnerability
In TLS 1.2 and earlier, a Man-in-the-Middle attacker might be able to force a
client to downgrade to Ephemeral Diffie-Hellman (DH) keys with export-grade
cipher strength.
For more information about the Logjam Vulnerability, see CVE-2015-4000.
How to Help Prevent the Attack
The best ways to help prevent the Logjam attack are to:
• transition to using Ephemeral Elliptic Curve DH cipher suites
(TLS_ECDHE_ECDSA_WITH_*), if possible
• disable export cipher suites and use DH groups with 2048-bit primes on servers
• either disable the use of Ephemeral DH cipher suites on vulnerable clients or
configure clients to reject DH groups with primes smaller than 2048 bits.
SSL-J Prevention for the Logjam Vulnerability
SSL-J 6.2.1 and above protect against this vulnerability automatically. The default
minimum DH temporary key size is set to 2048 bits.
No code changes are required to protect against this vulnerability.
The minimum DH temporary key size accepted by the client for a key exchange can
be configured by setting the following security property:
com.rsa.ssl.client.keyexchange.dhe.minkeysize
For example, the minimum key size could be:
• increased to 2048 if it is known that all the servers to which the client connects use
DH groups with 2048-bit primes
• reduced to 768 in order to interoperate with older servers.
For further details and instructions on how to set this property, see Introduction >
System and Security Properties in the RSA BSAFE SSL-J Developer Guide.
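The check that a client-side minimum DH key size implies, as an added example (not SSL-J code and not taken from the RSA BSAFE documentation): it parses the ServerDHParams carried in a TLS 1.2 ServerKeyExchange and rejects primes shorter than the minimum. The class and method names are hypothetical, minBits stands in for the value of com.rsa.ssl.client.keyexchange.dhe.minkeysize, and the sample parameters are constructed for their length only (they are not real primes).

```java
import java.math.BigInteger;
import java.nio.ByteBuffer;

// Added example, not SSL-J code: class and method names are hypothetical.
public class DhMinKeySizeCheck {

    // Reads one TLS vector with a 2-byte length prefix (opaque<1..2^16-1>).
    static BigInteger readOpaque16(ByteBuffer buf) {
        if (buf.remaining() < 2) throw new IllegalArgumentException("truncated ServerDHParams");
        int len = buf.getShort() & 0xFFFF;
        if (len == 0 || len > buf.remaining()) throw new IllegalArgumentException("malformed ServerDHParams");
        byte[] raw = new byte[len];
        buf.get(raw);
        return new BigInteger(1, raw); // unsigned big-endian integer
    }

    // True if the server's DH prime is at least minBits long.
    // minBits stands in for com.rsa.ssl.client.keyexchange.dhe.minkeysize.
    static boolean acceptServerDhParams(byte[] serverDhParams, int minBits) {
        ByteBuffer buf = ByteBuffer.wrap(serverDhParams);
        BigInteger p = readOpaque16(buf); // dh_p: the group prime
        readOpaque16(buf);                // dh_g: generator (not checked here)
        readOpaque16(buf);                // dh_Ys: server public value (not checked here)
        return p.bitLength() >= minBits;
    }

    // Constructed sample input: an odd number of the requested bit length,
    // NOT a real prime, so only the length check is exercised.
    static byte[] constructedParams(int bits) {
        byte[] p = BigInteger.ONE.shiftLeft(bits - 1).setBit(0).toByteArray();
        byte[] g = {2};
        byte[] ys = {4};
        ByteBuffer out = ByteBuffer.allocate(6 + p.length + g.length + ys.length);
        for (byte[] field : new byte[][] {p, g, ys}) {
            out.putShort((short) field.length).put(field);
        }
        return out.array();
    }

    public static void main(String[] args) {
        for (int minBits : new int[] {2048, 768}) {
            for (int bits : new int[] {512, 768, 2048}) { // 512 = export-grade
                boolean ok = acceptServerDhParams(constructedParams(bits), minBits);
                System.out.printf("min=%d, server prime=%d bits: %s%n",
                        minBits, bits, ok ? "accept" : "reject");
            }
        }
    }
}
```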