Pierluigi Paganini
March 04, 2015
IT industry is facing with a new major security SSL/TLS vulnerability that for more than a decade left users of Apple and Google devices vulnerable to hacking when they visited millions of legitimate and secure websites. At the moment, experts sustain that Windows and Linux devices are not affected.
The critical vulnerability codenamed FREAK (CVE-2015-0204), also known as Factoring Attack on RSA-EXPORT Keys, could be exploited by threat actors to run man-in-the-middle attacks on encrypted traffic when Internet users visited supposedly secured websites.
By exploiting the FREAK flaw an attacker can force clients to use older and weaker encryption, then he can crack the traffic protected with 512-bit key encryption in a few hours. Once decrypted the traffic a threat actor can steal sensitive information or launch an attack by injecting malicious code.
“The flaw resulted from a former U.S. government policy that forbade the export of strong encryption and required that weaker “export-grade” products be shipped to customers in other countries, say the researchers who discovered the problem. These restrictions were lifted in the late 1990s, but the weaker encryption got baked into widely used software that proliferated around the world and back into the United States, apparently unnoticed until this year.” states the Washington Post on the FREAK vulnerability
The FREAK vulnerability was discovered by security researchers of French Institute for Research in Computer Science and Automation (Inria) and Microsoft, it affects both OpenSSL versions 1.01k and earlier and Apple’s Secure Transport.
Back in 1990s it was allowed a maximum key length of 512 bits for “export-grade” encryption, the situation changed in 2000 due to a modification of the US export laws. Starting from 2000 vendors were allowed to include 128-bit ciphers in the products that were distributed all over the world. The experts that found the FREAK vulnerability discovered that the “export-grade” cryptography support was never removed. The Assistant Research Professor Matthew Green of Johns Hopkins University’s Information Security Institute in Maryland has provided a detailed explanation of the FREAK attack in a blog post explaining how to run a MitM attack exploiting the vulnerability.
A scan of more than 14 million websites that support the SSL/TLS protocols has revealed that the FREAK vulnerability affects nearly 36 percent of SSL WEBSITES.
“Based on some recent scans by Alex Halderman, Zakir Durumeric and David Adrian at University of Michigan, it seems that export-RSA is supported by as many as 5.2% 36.7% (!!!!) of the 14 million sites serving browser-trusted certs. The vast majority of these sites appear to be content distribution networks (CDN) like Akamai. Those CDNs are now in the process of removing export grade suites.” states Matthew Green.
In a classic attack scenario for the exploitation of the FREAK vulnerability, the victim running a vulnerable device (i.e. Android smartphones, iPhones and Macs running Apple’s OS X operating system) visits a vulnerable HTTPS-protected website.
The web server administrators are invited to disable support for export suites, including all known insecure ciphers, and enable forward secrecy.
The good news is that Google has already distributed a patch for its Android OS, the fix has already been distributed to partners. Apple announced to have also developed a fix for the FREAK flaw and that will release it in the next update.
“We have a fix in iOS and OS X that will be available in software updates next week.”
(Security Affairs – FREAK, SSL/TLS)
