TLS/SSL (EC)DHE Key Reuse - Vulnerability Database

TLS/SSL (EC)DHE Key Reuse

Description

The remote server is configured to reuse the same Diffie-Hellman Ephemeral (DHE) or Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) public keys across multiple TLS/SSL connections. Ephemeral keys should be generated uniquely for each session to ensure forward secrecy. Key reuse weakens the cryptographic protection and may enable attackers to decrypt previously captured traffic through cryptanalytic attacks such as the Raccoon Attack.

Remediation

Configure the TLS/SSL server to generate fresh ephemeral keys for each connection. For OpenSSL-based servers, ensure the SSL_OP_SINGLE_DH_USE and SSL_OP_SINGLE_ECDH_USE flags are enabled. These flags force the generation of new ephemeral keys for every handshake.

For Apache with mod_ssl, add to your SSL configuration:

SSLOpenSSLConfCmd Options +DHSingle,+ECDHSingle

For Nginx, add to the http or server block:

ssl_conf_command Options DHSingle,ECDHSingle;

For OpenSSL library implementations, set the options programmatically:

SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_ECDH_USE);

After making configuration changes, restart the affected service and verify the fix by rescanning the server.
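To confirm the fix independently of a rescan, the following added example (not part of the original page and not Invicti's scanner code) compares the server's ECDHE public key across captured handshakes. It assumes TLS 1.2 with a named-curve ECDHE suite and takes the raw server-to-client bytes of each connection; the function names are hypothetical and the sample streams are constructed, not real captures.

```python
import struct
from collections import Counter

HANDSHAKE, SERVER_KEY_EXCHANGE, NAMED_CURVE = 22, 12, 3

def ecdhe_pubkey(stream):
    """Return the ECDHE public point from a server-to-client TLS 1.2 byte stream, or None."""
    # Reassemble the handshake layer: one message may span several records.
    hs, i = b"", 0
    while i + 5 <= len(stream):
        ctype, _version, rlen = struct.unpack_from("!BHH", stream, i)
        if ctype == HANDSHAKE:
            hs += stream[i + 5:i + 5 + rlen]
        i += 5 + rlen
    # Walk handshake messages: type(1) | length(3) | body.
    i = 0
    while i + 4 <= len(hs):
        mtype, mlen = hs[i], int.from_bytes(hs[i + 1:i + 4], "big")
        body = hs[i + 4:i + 4 + mlen]
        if mtype == SERVER_KEY_EXCHANGE and len(body) >= 4 and body[0] == NAMED_CURVE:
            # ServerECDHParams: curve_type(1) | named_curve(2) | point_len(1) | point
            point = body[4:4 + body[3]]
            return point if len(point) == body[3] else None
        i += 4 + mlen
    return None

def reused_keys(streams):
    """Public keys that appear in more than one captured handshake."""
    counts = Counter(k for k in map(ecdhe_pubkey, streams) if k)
    return [k for k, n in counts.items() if n > 1]

# --- Constructed sample data (not real captures) ---
def record(payload):
    return struct.pack("!BHH", HANDSHAKE, 0x0303, len(payload)) + payload

def handshake(mtype, body):
    return bytes([mtype]) + len(body).to_bytes(3, "big") + body

def sample_stream(point):
    hello = handshake(2, b"\x03\x03" + bytes(32) + b"\x00\xc0\x2f\x00")  # minimal ServerHello
    skx = handshake(12, b"\x03\x00\x1d" + bytes([len(point)]) + point + b"\x04\x01\x00\x00")
    return record(hello) + record(skx[:10]) + record(skx[10:])  # SKX split over two records

KEY_A, KEY_B = bytes(range(32)), bytes(range(32, 64))
STATIC = [sample_stream(KEY_A), sample_stream(KEY_A)]  # same key twice: reuse finding
FRESH = [sample_stream(KEY_A), sample_stream(KEY_B)]   # fresh key per handshake: clean

if __name__ == "__main__":
    print("static server reused:", [k.hex() for k in reused_keys(STATIC)])
    print("fresh server reused:", [k.hex() for k in reused_keys(FRESH)])
```

A non-empty result from `reused_keys` after the configuration change means the server is still serving the same ephemeral key on separate connections.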
