How to set custom DH group in Java SSLEngine to prevent Logjam attack?

后端 未结 1 1120
迷失自我
迷失自我 2021-02-20 17:20

The new Logjam attack on TLS is based on common DH groups. This link recommends generating a new, custom 2048-bit DH group for each server.

How can I set a custom DH gro

1条回答
  •  滥情空心
    2021-02-20 17:54

    Java (JCE/JSSE) uses DH parameters from some well known DSA groups. The JCE parameter generator allows only to produce groups with sizes between 512 and 1024 bit (or 2048), but the JSSE implementation on the other side only accepts custom sizes between 1024 and 2048.

    This has the affect you cannot use any of the custom sizes, only 1024 or 2048 (with Java 8). Keep in mind that Java 7 still only uses 768 bit as a server (or 512 in exportable crypto mode).

    Starting with version 8 Java servers use by default 1024 bit. You can increase the server side to 2048 bit with jdk.tls.ephemeralDHKeySize=2048. See Customizing Size of Ephemeral DH Keys.

    Java as TLS client is less strict in older versions and accepts unsafe groups.

    Update: with OpenJDK 8U65 (JSSE) there is a security property jdk.tls.server.defaultDHEParameters which can define finit-field parameters.

    0 讨论(0)
提交回复
热议问题