On March 3, 2015, a group of researchers announced that they had discovered a serious web encryption vulnerability. The group, which was led by Paris-based researcher Karthikeyan Bhargavan, called the vulnerability FREAK, which stands for “Factoring attack on RSA-EXPORT Keys.” FREAK was found to affect 5 million websites as well as the millions of people using Apple, Google, and Microsoft products.
While many companies have already released fixes for the problem, it’s important to understand the origins of the FREAK flaw, how it threatens computers, and how to protect your computer.
Origins of the FREAK Flaw
The origins of the FREAK flaw go back to the 1990s. At the time, the United States was engaged in the so-called Crypto Wars. To limit other countries’ access to advanced cryptography tools, the U.S. government restricted the export of products with high-grade encryption. Exported products were essentially forced to support what became known as export-grade encryption.
Software implemented during this time tended to support both export-grade and high-grade encryption. This strategy ensured the largest possible market. Although the U.S. government later repealed the restrictions, support for export-grade encryption has remained.
At the time, the export-grade encryption seemed reasonably secure. Export-grade encryption was limited to RSA keys containing 512-bits. This level of security blocked all but state-actors, which was the original intention of the restrictions.
By 2009, however, 512-bit keys were proven insufficient. According to one study, such keys could be cracked in 7 hours using the computing equivalent of 75 personal computers. In contrast, researchers and IT security professionals have yet to uncover (or at least publicly display) a viable method for cracking a 1024-bit encryption key, which is twice as long and exponentially harder to break. It would take at least a year to crack a 1024-bit key using the computing equivalent of a few million personal computers. It would take even longer to crack a 2048-bit encryption key, which is now considered a best practice among modern encryption technologies.
How the FREAK Flaw Works
The FREAK flaw takes advantage of the mismatch between the differing encryption versions. Specifically, an attacker secretly relays communication between a client and a server who believe they are directly communicating with each-other. This is known as an MITM or Man-In-The-Middle attack.
The attacker then tricks both parties into allowing the connection to be downgraded to use export-grade keys, even when the client and server both support (and even requested) a more secure connection.
With access to a successfully downgraded connection, the attacker then uses traditional cracking techniques to gain full access to the previously secure channel.
Who Is Vulnerable to the FREAK Flaw
Attacks using the FREAK flaw are possible when both a client and server support export-grade encryption. A team of computer scientists at the University of Michigan tested numerous web browsers and websites for the vulnerability, and have reported their findings.
Several major web browsers were found to be susceptible to the FREAK flaw. They include Internet Explorer, Chrome for Mac OS, Chrome for Android, Safari for Mac OS, Safari for iOS, Android’s default browser, BlackBerry’s default browser, Opera for Mac OS, and Opera for Linux.
More than a third of the 14 million websites checked for the FREAK flaw were found to be vulnerable, including the websites of such noteworthy companies as American Express, Business Insider, Bloomberg, JCPenney, and Motorola. Even the White House, U.S. Senate, FBI, and NSA websites were found to be vulnerable.
Microsoft performed its own tests and found that several supported releases of Windows were also vulnerable, including Windows Server 2012, Windows Server 2008, Windows Server 2003, Windows 8, Windows 7, Windows Vista, and Windows RT.
What You Can Do to Protect Your Computer
Researchers have yet to find a confirmed case of a hacker exploiting the FREAK flaw. However, increased awareness of this vulnerability will likely cause some hackers to try to use it in their attacks. As a result, many vendors such as Microsoft, Apple and Google have rushed to release fixes to resolve this issue once and for all.
Since FREAK requires both the server and the client to be vulnerable, the community has taken a two-pronged approach. Patches have been released for browsers, while support has been removed for export-grade encryption from websites.
Unfortunately, some products have not been fixed, leaving users exposed.
You can check to see if your computer or website is vulnerable to FREAK by going to freakattack.com.