How Diffie-Hellman Fails in Practice

Security researchers from INRIA, Microsoft Research, Johns Hopkins, the University of Michigan, and the University of Pennsylvania reveal that the Diffie-Hellman key exchange, as used in popular Internet protocols, is actually less secure than is widely believed. They present a novel flaw in TLS that allows a man-in-the-middle to downgrade connections to “export-grade” Diffie-Hellman. They also conclude that moving to stronger key exchange methods should be a priority for the Internet community.

Read the full paper here – https://weakdh.org/imperfect-forward-secrecy.pdf
