Function: nsm-protocol-check--dhe-kx
nsm-protocol-check--dhe-kx is a byte-compiled function defined in
nsm.el.gz.
Signature
(nsm-protocol-check--dhe-kx HOST PORT STATUS &optional SETTINGS)
Documentation
Check for existence of DH key exchange based on integer factorization.
In the years since the discovery of Logjam, it was discovered that there were rampant use of small subgroup prime or composite number for DHE by many servers, and thus allowed themselves to be vulnerable to backdoors[1]. Given the difficulty in validating Diffie-Hellman parameters, major browser vendors had started to remove DHE since 2016[2]. Emacs stops short of banning DHE and terminating connection, but prompts the user instead.
References:
[1]: Dorey, Fong, and Essex (2016). "Indiscreet Logs: Persistent
Diffie-Hellman Backdoors in TLS.",
https://eprint.iacr.org/2016/999.pdf
[2]: Chrome Platform Status (2017). "Remove DHE-based ciphers",
https://www.chromestatus.com/feature/5128908798164992
Source Code
;; Defined in /usr/src/emacs/lisp/net/nsm.el.gz
(defun nsm-protocol-check--dhe-kx (_host _port status &optional _settings)
"Check for existence of DH key exchange based on integer factorization.
In the years since the discovery of Logjam, it was discovered
that there were rampant use of small subgroup prime or composite
number for DHE by many servers, and thus allowed themselves to be
vulnerable to backdoors[1]. Given the difficulty in validating
Diffie-Hellman parameters, major browser vendors had started to
remove DHE since 2016[2]. Emacs stops short of banning DHE and
terminating connection, but prompts the user instead.
References:
[1]: Dorey, Fong, and Essex (2016). \"Indiscreet Logs: Persistent
Diffie-Hellman Backdoors in TLS.\",
`https://eprint.iacr.org/2016/999.pdf'
[2]: Chrome Platform Status (2017). \"Remove DHE-based ciphers\",
`https://www.chromestatus.com/feature/5128908798164992'"
(let ((kx (plist-get status :key-exchange)))
(when (string-match "^\\bDHE\\b" kx)
(format-message
"unable to verify Diffie-Hellman key exchange method (%s) parameters"
kx))))