This repository was archived by the owner on Dec 6, 2023. It is now read-only.
This repository was archived by the owner on Dec 6, 2023. It is now read-only.
Logjam vulnerability detection #76
Description
See https://weakdh.org.
- By eavesdropping on traffic, nogotofail should be able to detect whether a DH key exchange occurred over a group smaller than 1024 bit -- the current cutoff being deployed as mitigation against Logjam. The catch here is that clients which accept smaller groups will not be flagged unless the server actually uses a smaller group.
- By MiTMing traffic with servers which support export versions of DH cipher suites, nogotofail should be able to detect clients which accept the resulting smaller DH groups.