freistilbox is secure from Logjam SSL attack
Published 2015-05-28 by
A few days ago, a new SSL vulnerability called “Logjam” was published. The attack exploits weak “Diffie-Hellman” (DH) parameters in incorrectly configured SSL/TLS servers.
We decrypt incoming SSL traffic right on our Edge Routers in order to enable content caching for both plain-text and encrypted web requests. Since we follow best practices, we don’t use any of the vulnerable cryptography. No changes in our Edge Routers were necessary to mitigate LogJam.
In order to deliver the best SSL processing performance possible, our Edge Routers prefer key exchanges based on “Elliptic Curve” cryptography, thus avoiding problems with DH altogether.
We are proud that the SSL configuration of our Edge Routers is rated “A+” by SSL Labs, and happy to give you peace of mind about the security of your website traffic.