How Diffie-Hellman Fails in Practice
Security researchers from INRIA, Microsoft Research, Johns Hopkins, the University of Michigan, and the University of Pennsylvania reveal that the Diffie-Hellman key exchange, as used in popular Internet protocols, is less secure than is widely believed. They present a novel flaw in TLS that allows a man-in-the-middle to downgrade connections to “export-grade” Diffie-Hellman. They also conclude that moving to stronger key exchange methods should be a priority for the Internet community.
Read the full paper here: https://weakdh.org/imperfect-forward-secrecy.pdf