Insecure Diffie-Hellman key exchange

ID MFSA2010-72
Type mozilla
Reporter Mozilla Foundation
Modified 2010-10-19T00:00:00


Mozilla cryptographer Nelson Bolyard reported that the SSL implementation was permitting servers to use Diffie-Hellman Ephemeral mode (DHE) with too short of a minimum key length. DHE keys of such lengths are trivially breakable on modern hardware so SSL servers operating in this mode were providing very little effective security for their clients.