FREAK update 03/09/2015: Windows systems are also vulnerable. Microsoft has advised that Windows Secure Channel (Schannel) was also affected by the SSL/TLS encryption downgrade bug, but that “[when] this security advisory was originally released, Microsoft had not received any information to indicate that this issue had been publicly used to attack customers.” Workarounds have been suggested to mitigate the vulnerability.
The Washington Post reports that “technology companies are scrambling to fix” yet another SSL/TLS vulnerability affecting many Apple and Google devices. FREAK (Factoring RSA Export Keys – designated CVE-2015-0204) exploits a decades-old US export policy affecting strong encryption.
During the Cold War, military cryptanalysts were concerned about enemy use of strong cryptography, and classified it as a weapon. The US Government therefore banned the export of strong cryptography, and mandated that export-grade products with weaker encryption were shipped abroad instead.
Although the policy was abandoned in the late 1990s, many products with weakened cryptography are still available, including many that came into existence long after the export restrictions were lifted. A lot of them are in the domestic market. Researchers have now found that these products are susceptible to man-in-the-middle (MITM) attacks.
The Washington Post explains: “The export-grade encryption had 512 bits, the maximum allowed under US restrictions designed to limit trade in military technologies in the 1990s… But 512-bit cryptography has been considered unacceptably weak for more than a decade. Even experts thought it had disappeared.”
Attackers can intercept HTTPS connections between vulnerable devices and the web servers of secure websites. Once intercepted, the connections could be forced to downgrade to the weaker export-strength cryptography – which could be cracked within hours using cloud computing services hired for less than US$100, according to cryptographer Matthew Green.
Hackers could then steal passwords and personal information.
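The downgrade described above leaves a visible trace in the handshake: the server's ServerHello settles on an RSA export-grade cipher suite, typically one the client never offered. The following is an added example, not code from the article, that parses a ServerHello record and flags that condition; the cipher-suite IDs are the IANA-registered TLS_RSA_EXPORT_* values, and the sample records are constructed rather than captured.

```python
import struct

# IANA cipher-suite IDs of the RSA export suites a FREAK downgrade lands on.
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}


def parse_server_hello(record: bytes) -> int:
    """Return the cipher suite chosen in a TLS record that carries a ServerHello."""
    if len(record) < 5 or record[0] != 0x16:          # content type 22 = handshake
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    body = record[5:5 + rec_len]
    if len(body) < 4 or body[0] != 0x02:              # handshake type 2 = ServerHello
        raise ValueError("not a ServerHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hs = body[4:4 + hs_len]
    # layout: version(2) + random(32) + session_id_len(1) + session_id + cipher_suite(2)
    if len(hs) < 35:
        raise ValueError("truncated ServerHello")
    off = 35 + hs[34]
    if len(hs) < off + 2:
        raise ValueError("truncated ServerHello")
    return struct.unpack("!H", hs[off:off + 2])[0]


def check_negotiation(offered: set, record: bytes):
    """Return why a ServerHello looks like a FREAK downgrade, or None if it is fine.
    `offered` is the set of suites the client put in its ClientHello; a correct
    client rejects any suite it never offered, which is exactly the check FREAK bypasses."""
    suite = parse_server_hello(record)
    if suite in RSA_EXPORT_SUITES:
        return "export-grade suite negotiated: " + RSA_EXPORT_SUITES[suite]
    if suite not in offered:
        return "server chose suite 0x%04x the client never offered" % suite
    return None


def build_server_hello(suite: int) -> bytes:
    """Construct a minimal TLS 1.2 ServerHello record (sample data, not a real capture)."""
    hs = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", suite) + b"\x00"
    body = b"\x02" + len(hs).to_bytes(3, "big") + hs
    return b"\x16\x03\x03" + struct.pack("!H", len(body)) + body
```

Run `check_negotiation({0xC02F, 0x002F}, build_server_hello(0x0008))` to see the export-suite finding; the same call with suite `0x002F` returns `None`.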
This flaw has been present for well over a decade, affecting HTTPS traffic accessed via iPhones, Android phones, and Macs running OS X.
Researchers say that the vulnerability is exploitable on clients using OpenSSL versions earlier than 1.0.1k on Android’s built-in browser and Safari. Patches are apparently imminent. We advise that you apply them as soon as they become available.
A recent scan of 14 million websites found that more than 36 percent of them – over five million – were vulnerable, including well-known brands and government sites.