At a time when many governments (notably the US government) are pushing for backdoors in encryption that ‘only they’ can access, news that popular websites are having to deal with fallout from a government program forcing US tech companies to weaken security in encrypted products sold overseas could hardly be a more timely reminder of how absurd the idea of deliberately weakening encryption actually is!
The security flaw has been ‘in the wild’ for more than a decade, and leaves Apple and Android users vulnerable to hacking when visiting supposedly secure websites such as americanexpress.com, marriot.com, kohls.com and, ironically enough, whitehouse.gov, nsa.gov and fbi.gov!
The problem originates with an old US government policy that forbade the export of strong encryption to foreign countries on security grounds. Although the policy was dropped by 2000 (in large part thanks to the Bernstein Case), weakened ‘export grade’ encryption remained embedded in US security products for years to come.
Known as the ‘FREAK attack’ (Factoring attack on RSA-EXPORT Keys), this old but only newly discovered vulnerability allows hackers to force a browser to use weaker ‘export grade’ 512-bit SSL/TLS keys, rather than the 1024-bit or even 2048-bit keys commonly used to secure connections to websites today. The Washington Post provides a nice infographic explaining why this is a problem…
One of the researchers who discovered the weakness puts it more succinctly,
‘A group of cryptographers at INRIA, Microsoft Research and IMDEA have discovered some serious vulnerabilities in OpenSSL (e.g., Android) clients and Apple TLS/SSL clients (e.g., Safari) that allow a ‘man in the middle attacker’ to downgrade connections from ‘strong’ RSA to ‘export-grade’ RSA. These attacks are real and exploitable against a shocking number of websites — including government websites. Patch soon and be careful.’
It should be noted that although the flaw has existed for over a decade now, no ‘FREAK attacks’ are actually known to have occurred (yet).
Users of the Apple Safari browser and the Google Android browser are vulnerable, however, and should use alternate browsers (such as Firefox) until the problem is patched.
Apple has said that its fix will be available next week, and Google said it has provided a patch to device makers and wireless carriers (although given past form it could take months for this to roll out to users).
A full list of websites affected by the vulnerability is available here.
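Site operators can also check their own configuration rather than rely on a list. The following is an added example, not code from the researchers or from this article: it takes the cipher suite names a server accepts (in OpenSSL or IANA naming) and flags the ‘export grade’ ones, separating the RSA_EXPORT suites that FREAK downgrades to from other export suites. The sample list and all function names are constructed for illustration.

```python
import re
import ssl

# RSA_EXPORT key exchange is what FREAK downgrades to. Other export suites
# (e.g. DHE_EXPORT) are export-grade too and should be disabled as well.
_IANA_RSA_EXPORT = re.compile(r"^(TLS|SSL)_RSA_EXPORT(1024)?_WITH_")
_IANA_ANY_EXPORT = re.compile(r"_EXPORT(1024)?_WITH_")
_OPENSSL_EXPORT = re.compile(r"^EXP(1024)?-")
_OPENSSL_NON_RSA_KX = re.compile(r"^EXP(1024)?-(EDH|DHE|ADH|DH|KRB5)-")


def classify_suite(name):
    """Return 'rsa_export', 'other_export' or 'ok' for one suite name."""
    if _IANA_RSA_EXPORT.match(name):
        return "rsa_export"
    if _IANA_ANY_EXPORT.search(name):
        return "other_export"
    if _OPENSSL_EXPORT.match(name):
        return "other_export" if _OPENSSL_NON_RSA_KX.match(name) else "rsa_export"
    return "ok"


def audit(suite_names):
    """Group the export-grade suite names by kind; strong suites are dropped."""
    findings = {"rsa_export": [], "other_export": []}
    for name in suite_names:
        kind = classify_suite(name)
        if kind != "ok":
            findings[kind].append(name)
    return findings


def local_openssl_findings():
    """Audit the suites this Python's OpenSSL build enables by default."""
    ctx = ssl.create_default_context()
    return audit(c["name"] for c in ctx.get_ciphers())


# Constructed sample: suites a scanner might report a server as accepting.
SAMPLE_ACCEPTED = [
    "ECDHE-RSA-AES128-GCM-SHA256", "AES128-SHA",
    "EXP-RC4-MD5", "EXP-DES-CBC-SHA", "EXP-EDH-RSA-DES-CBC-SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5", "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
]

if __name__ == "__main__":
    print("sample server:", audit(SAMPLE_ACCEPTED))
    print("local OpenSSL defaults:", local_openssl_findings())
```

Any entry under `rsa_export` means the server will still negotiate the weak key exchange and should have export suites removed from its cipher configuration.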
As far as we are concerned, the real lesson to be learned from this whole sorry situation is that strong encryption is vital for everyone’s security, and that governments should back off in their never-ceasing quest to compromise it!