Diffie-Hellman key exchange is one of the most common public-key cryptographic methods in use in the Internet. It is a fundamental building block for IPsec, SSH, and TLS. Diffie-Hellman key exchange allows two parties to agree on a shared secret in the presence of an eavesdropper. Since the security of Diffie-Hellman relies crucially on the group parameters, implementations can be vulnerable to an attacker who provides maliciously generated parameters that change the properties of the group. In January 2016 we found a vulnerability affecting OpenSSL leveraging indeed this kind of attack (CVE-2016-0701). The research made while studying OpenSSL code base also highlighted a semi-mysterious RFC (RFC 5114 – “Additional Dif e-Hellman Groups for Use with IETF Standards”) originating from Defense contractor BBN. The mathematical property of the groups introduced in RFC 5114 were of particular interest since made OpenSSL particularly susceptibleto a Key Recovery Attack.