Logjam security vulnerability CVE-2015-4000
The DH and DHE cipher suites are exposed to a weakness related to the Logjam security vulnerability. The fix is delivered in service refresh 1 fix pack 1.
The Logjam security vulnerability describes a weakness in Transport Layer Security (TLS) protocol versions 1.2 and earlier: the protocol does not properly convey a DHE_EXPORT cipher suite choice, so a man-in-the-middle attacker can downgrade a connection to export-grade (512-bit) Diffie-Hellman without the client noticing. This specific issue does not affect IBM® SDK, Java™ Technology Edition, because DHE_EXPORT cipher suites are disabled by default. However, the Logjam research also affects the ordinary DH and DHE cipher suites: the server chooses the Diffie-Hellman parameters, and if it sends a weak (short) DH key, a man-in-the-middle attacker can break that key and read or tamper with the session. To mitigate this exposure, the client refuses weak DH keys; the minimum key size that the client accepts is set in the jdk.tls.disabledAlgorithms security property of the java.security file, for example:
jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768
If the java.security file is not updated with DH keySize < 768 for the jdk.tls.disabledAlgorithms property, IBMJSSE2 applies a default minimum key size of 768 bits for DH keys. However, if the java.security file already contains a jdk.tls.disabledAlgorithms entry that sets a DH key size, IBMJSSE2 does not override it, even if the configured value is lower than 768. Check the existing entry rather than relying on the default.
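The following Python helper is an added example for this page, not IBM code. It reads the jdk.tls.disabledAlgorithms property from a java.security file, extracts the DH keySize bound, and reports the effective minimum DH key size a client will accept under the rule described above: no DH entry means the IBMJSSE2 default of 768 applies, while an explicit entry is honoured as written, even when it is weaker than 768. The 2048-bit recommendation, the constructed sample fragments, and the simplified property-file parsing (only "key=value" lines, "#" comments and backslash continuations) are assumptions of the example.

```python
"""
Added example (not IBM's code): audit the DH key-size floor that the
jdk.tls.disabledAlgorithms property in a java.security file imposes on
a TLS client, applying the rule this page describes for IBMJSSE2:
no "DH keySize < N" entry -> the provider defaults to 768; an explicit
entry is honoured as written, even when it is weaker than the default.
"""
import re

IBMJSSE2_DEFAULT_DH_MIN = 768   # floor applied when no DH keySize entry is configured
RECOMMENDED_DH_MIN = 2048       # assumption: the floor a practitioner should configure today

# One constraint entry of the form "DH keySize < N" (case-insensitive, any spacing).
_DH_RULE = re.compile(r"^DH\s+keySize\s*<\s*(\d+)$", re.IGNORECASE)


def read_property(text, name):
    """Return the value of `name` from java.security-style text, or None.

    Handles '#'/'!' comment lines and backslash line continuations (leading
    whitespace on a continuation line is dropped, as java.util.Properties does).
    Simplification: only "key=value" separators are recognised.
    """
    logical_lines = []
    pending = ""
    for raw in text.splitlines():
        part = raw.strip() if pending else raw.rstrip()
        if part.endswith("\\"):
            pending += part[:-1]
            continue
        logical_lines.append(pending + part)
        pending = ""
    if pending:                       # file ended on a continuation line
        logical_lines.append(pending)
    for line in logical_lines:
        line = line.strip()
        if not line or line.startswith("#") or line.startswith("!"):
            continue
        key, sep, value = line.partition("=")
        if sep and key.strip() == name:
            return value.strip()
    return None


def dh_floor_from_value(value):
    """Return N from a "DH keySize < N" entry in a disabledAlgorithms value, or None."""
    if value is None:
        return None
    for entry in value.split(","):
        match = _DH_RULE.match(entry.strip())
        if match:
            return int(match.group(1))
    return None


def effective_dh_min(java_security_text):
    """Return (minimum DH key size the client accepts, where that value came from)."""
    value = read_property(java_security_text, "jdk.tls.disabledAlgorithms")
    configured = dh_floor_from_value(value)
    if configured is None:
        return IBMJSSE2_DEFAULT_DH_MIN, "default"
    return configured, "configured"   # honoured as-is; the provider never raises it


def audit(java_security_text):
    """Flag a floor below the provider default (a weakened config) or below 2048."""
    floor, source = effective_dh_min(java_security_text)
    findings = []
    if floor < IBMJSSE2_DEFAULT_DH_MIN:
        findings.append(
            f"{source} DH floor {floor} is below the IBMJSSE2 default of "
            f"{IBMJSSE2_DEFAULT_DH_MIN} and is NOT overridden by the provider")
    elif floor < RECOMMENDED_DH_MIN:
        findings.append(
            f"{source} DH floor {floor} is below the recommended {RECOMMENDED_DH_MIN}")
    return {"dh_min": floor, "source": source, "findings": findings}


# Constructed java.security fragments for demonstration; not real IBM defaults.
SAMPLE_NO_DH = "jdk.tls.disabledAlgorithms=SSLv3, RC4\n"
SAMPLE_PAGE = "jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768\n"
SAMPLE_WEAKENED = (
    "# an explicit, weaker entry split over two lines with a continuation\n"
    "jdk.tls.disabledAlgorithms=SSLv3, RC4, \\\n"
    "    DH keySize < 512\n"
)
SAMPLE_COMMENTED_OUT = "#jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 1024\n"
SAMPLE_HARDENED = "jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 2048\n"

if __name__ == "__main__":
    for label, sample in [("no DH entry", SAMPLE_NO_DH), ("page example", SAMPLE_PAGE),
                          ("weakened", SAMPLE_WEAKENED), ("commented out", SAMPLE_COMMENTED_OUT),
                          ("hardened", SAMPLE_HARDENED)]:
        print(label, "->", audit(sample))
```

The weakened sample is the case the preceding paragraph warns about: because the entry exists, IBMJSSE2 keeps the 512-bit floor rather than raising it to 768, so an audit has to read the configured value instead of assuming the default.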
When FIPS mode is enabled in the IBMJSSE2 provider by setting com.ibm.jsse2.usefipsprovider=true, a 2048-bit DH key is used on the server side.