wolfSSL and CyaSSL are Not Vulnerable to the Recent Logjam Attack

The Logjam Attack exploits legacy SSL cipher suites from the 1990s that use DH and DHE export keys.  By definition a server in export mode has to use a low bit strength DH key (512 bits or less), which can now be cracked swiftly.  Even if a client supports export cipher suites but doesn’t broadcast support for them a man in the middle attacker can force the server to use the low grade key.  Fortunately for wolfSSL embedded SSL users we do not support export cipher suites.  No versions of wolfSSL or CyaSSL are vulnerable to the Logjam attack.  Our next version will allow build-time or run-time setting of minimum ephemeral key strengths for embedded TLS.

For more information check out https://weakdh.org.