Security Vulnerability : Logjam aka CVE-2015-4000

This document (7016529) is provided subject to the disclaimer at the end of this document.


SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10


Recently a new vulnerability within TLS implementations was published, called Logjam (CVE-2015-4000).

The researcher website and paper can be found on

Logjam actually consists of multiple issues related to each other.

The attacks target the Diffie-Hellman key exchange, which is used to implement Perfect Forward Secrecy (every TLS connections gets different keys, so a leaked key can not be used to decrypt previous or future

1. Downgrading DH parameter curves to export strength

   The core attack is a downgrade of the DH parameters used during the initial TLS setup to an export strength of 512 bits. The researchers showed that they break the DH key exchange with a 512bit parameter set in near realtime.

   This has to be filtered out by the SSL client.  Many of them still allow such downgrades and would work.

   Our plan:

   In the near future SSL client applications and libraries will be upgraded to reject too-short parameter sets outright. This covers openssl and mozilla-nss and potentially others.

2. Using more than one DH parameter set

   A secondary issue found by the researchers is that a huge part of internet services only use specific and static parameters.  They also think that breaking a 1024 bit parameter is in reach of organizations with sufficient knowledge and compute power.  A large part of the internet uses the same 1024 bit DH parameter set, so breaking one of these would break a lot of services at the same time.


   One way to solve this is to deploy or allow deployment of different and longer DH parameters in SSL services specific to the system to avoid reusing the known upstream sets.

Some tools:

   Generate a new dhparam set with e.g.:
   openssl dhparam -out dhparams.pem 2048
How to add this to our services:

For mod_ssl changing the DH parameters is currently not implemented, we will work on an update.
A workaround is to use mod_nss (from apache2-mod_nss), which is not affected (it does not support Diffie-Hellman, only Elliptic Curve Diffie-Hellman).
To supply DH Parameters, these can be appended to the first SSL Certificate, e.g. with
    # cat dhparams.pem >>/etc/apache2/ssl.crt/server.crt
where server.crt is the first "SSLCertificateFile" listed.

Has already allowed specifying the DH parameter with the "dh" keyword, if you have used the include dh1024.pem we recommend to replace this with a fresh generated one.

Uses standard defined DH parameters which cannot be changed.

SLE11 and SLE12 already use the Elliptic Curve Diffie-Hellman (ECDH). By default key exchange is not affected by the Logjam problem.
In addition it is possible to change the OpenSSH configuration to increase the minimum Diffie-Hellman group size.



This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7016529
  • Creation Date: 21-May-2015
  • Modified Date:25-Sep-2020
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center