Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.

Logjam is a new attack against the Diffie-Hellman key-exchange protocol used in TLS. Basically:

The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection. The attack is reminiscent of the FREAK attack, but is due to a flaw in the TLS protocol rather than an implementation vulnerability, and attacks a Diffie-Hellman key exchange rather than an RSA key exchange. The attack affects any server that supports DHE_EXPORT ciphers, and affects all modern web browsers. 8.4% of the Top 1 Million domains were initially vulnerable.

Adempiere 370 too can’t get away with this vulnerability issue. The good news is that it is only susceptible to passive eavesdropping from an attacker with nation-state resources, so you should be less worry. Nevertheless, to eliminate the risk, we have to disable the use of the weak Diffie-Hellman group and use a stronger 2048-bit group. If you don’t do this, your server is no longer accessible using the most recent release of popular browsers. You would get Secure Connection Failed error (see also our post about how to temporarily solve the error).

JSSE Configuration

If you run your own Adempiere 370 server, you might want to follow this advice. Open file serverTemplate.xml that resides in @ADEMPIERE_HOME@\jboss\server\adempiere\deploy\jboss-web.deployer. Look for Connector that define a SSL HTTP/1.1 and add ciphers attribute as shown below.

<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<Connector port="@ADEMPIERE_SSL_PORT@" address="${jboss.bind.address}" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false"
keystoreFile="@ADEMPIERE_KEYSTORE@"
keystorePass="@ADEMPIERE_KEYSTOREPASS@"
sslProtocol="TLS"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"
/>

Choosing a cipher suite

A cipher suite is really four different ciphers in one, describing the key exchange, bulk encryption, message authentication and random number function. In this particular case, we’re focusing on the bulk encryption cipher.

The JSSE list of cipher suites is here and there is an extensive comparison list. There’s a number of different ciphers available, and the list has changed substantially between JDK 1.7 and JDK 1.6.

In 1.6, the default list is out of order — some of the weaker ciphers show up before the stronger ciphers do. Not only that, but 1.6 has no support for Elliptic Curve cryptography (ECC) ciphers, which are much stronger and allow for perfect forward secrecy. In 1.7, the default cipher list is reportedly pretty good. Unfortunately Adempiere 370 is still using 1.6.

Choosing a browser

Make sure you have the most recent version of your browser installed, and check for updates frequently. Google Chrome (including Android Browser), Mozilla Firefox, Microsoft Internet Explorer, and Apple Safari are all deploying fixes for the Logjam attack.

Reference

Guide to Deploying Diffie-Hellman for TLS
SSL/TLS, ciphers, perfect forward secrecy and Tomcat
Fixing the Most Dangerous Code in the World