A new encryption attack, dubbed Logjam has emerged over the Internet that allows attackers to read and modify the sensitive data passing through encrypted connections.
This would allow man-in-the-middle (MitM) attacks to downgrade encrypted connections between a user and a Web or email server to use extremely weaker 512-bit keys which can be easily decrypted.
Who can be affected? Potentially hundreds of thousands of HTTPS-protected sites, mail servers, and other widely used Internet services.
Johns Hopkins crypto researcher Matthew Green along with security experts from the University of Michigan and the French research institute Inria discovered LogJam a few months ago and published a technical report that details the flaw.
The dilemma comes from the fact that fixing the bug could cause thousands of Internet websites to break.
Picture Credit: Computerworld.com