Imperfect forward secrecy: how Diffie-Hellman fails in practice
Communications of the ACM, pp. 106-114, 2018.
We investigate the security of Diffie-Hellman key exchange as used in popular Internet protocols and find it to be less secure than widely believed. First, we present Logjam, a novel flaw in TLS that lets a man-in-the-middle downgrade connections to "export-grade" Diffie-Hellman. To carry out this attack, we implement the number field sie...