SSL/TLS Vulnerability Explained

2015.03.04
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-310


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

Another widespread and serious SSL/TLS vulnerability has been uncovered that for over a decade left millions of users of Apple and Android devices open to man-in-the-middle attacks on encrypted traffic when they visited supposedly 'secured' websites, including the official websites of the White House, FBI and National Security Agency.

Dubbed the "FREAK" attack (CVE-2015-0204), also known as Factoring Attack on RSA-EXPORT Keys, it enables hackers or intelligence agencies to force clients to use older, weaker encryption, i.e. the so-called export-grade 512-bit RSA keys. The FREAK vulnerability, discovered by security researchers of the French Institute for Research in Computer Science and Automation (Inria) and Microsoft, resides in OpenSSL versions 1.01k and earlier, and in Apple's Secure Transport.

90s WEAK EXPORT-GRADE ENCRYPTION

Back in the 1990s, the US government attempted to regulate the export of products utilizing "strong" encryption, and devices were loaded with weaker "export-grade" encryption before being shipped out of the country. At that time, a maximum key length of 512 bits was allowed for 'export-grade' encryption. Later, in 2000, with the modification of the US export laws, vendors were able to include 128-bit ciphers in their products and distribute them all over the world.

The only problem is that 'export-grade' cryptography support was never removed, and now, three decades later, the FREAK attack makes it significantly easier for hackers to decode the website's private key and decrypt passwords, login cookies, and other sensitive information from HTTPS connections.

HOW FREAK ATTACK WORKS?

Assistant Research Professor Matthew Green of Johns Hopkins University's Information Security Institute in Maryland summarizes the FREAK vulnerability in a blog post detailing how a hacker could perform a MitM attack:

1. In the client's Hello message, it asks for a standard 'RSA' ciphersuite.
2. The MITM attacker changes this message to ask for 'export RSA'.
3. The server responds with a 512-bit export RSA key, signed with its long-term key.
4. The client accepts this weak key due to the OpenSSL/Secure Transport bug.
5. The attacker factors the RSA modulus to recover the corresponding RSA decryption key.
6. When the client encrypts the 'pre-master secret' to the server, the attacker can now decrypt it to recover the TLS 'master secret'.
7. From here on out, the attacker sees plain text and can inject anything it wants.

A scan of more than 14 million websites that support the SSL/TLS protocols found that more than 36% of them were vulnerable to the decryption attack because they support RSA export cipher suites (e.g., TLS_RSA_EXPORT_WITH_DES40_CBC_SHA). Cracking a 512-bit key back in the '90s would have required access to the supercomputers of that time, but today it can be done in seven hours at a cost of nearly $100 per website.

It is possible to carry out the FREAK attack when a user running a vulnerable device (currently Android smartphones, iPhones and Macs running Apple's OS X operating system) connects to a vulnerable HTTPS-protected website. At the moment, Windows and Linux end-user devices are not believed to be affected.

'FREAK' SIMILAR TO 'POODLE'

The FREAK vulnerability is similar to last year's POODLE flaw (Padding Oracle On Downgraded Legacy Encryption), which allowed hackers to downgrade the entire SSL/TLS Internet-communication security suite to the weakest possible version. FREAK affects only those SSL/TLS implementations that accept export versions of protocols that use the RSA encryption algorithm.
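The downgrade described above is visible on the wire: the ServerHello selects an RSA_EXPORT cipher suite, and the following ServerKeyExchange carries a temporary RSA modulus of only 512 bits. The following Python is an added detection example (not code from the advisory, from Inria, Microsoft or OpenSSL) that parses a server's handshake flight from raw TLS record bytes and flags both conditions. The sample flights, modulus and signature bytes are constructed here for illustration; the cipher suite code points are the IANA-registered values.

```python
import struct

# IANA code points for the RSA export-grade suites that FREAK abuses
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}
HANDSHAKE = 0x16
SERVER_HELLO = 2
SERVER_KEY_EXCHANGE = 12


def iter_handshake_messages(data):
    """Yield (handshake_type, body) for every handshake message found in a
    byte string of TLS records; records of other content types are skipped."""
    off = 0
    while off + 5 <= len(data):
        ctype, _ver, rlen = struct.unpack("!BHH", data[off:off + 5])
        payload = data[off + 5:off + 5 + rlen]
        off += 5 + rlen
        if ctype != HANDSHAKE:
            continue
        p = 0
        while p + 4 <= len(payload):
            htype = payload[p]
            hlen = int.from_bytes(payload[p + 1:p + 4], "big")
            yield htype, payload[p + 4:p + 4 + hlen]
            p += 4 + hlen


def server_hello_cipher(body):
    """Return the cipher suite the server selected in a ServerHello body."""
    p = 2 + 32                      # skip server_version and random
    sid_len = body[p]
    p += 1 + sid_len                # skip session_id
    return struct.unpack("!H", body[p:p + 2])[0]


def rsa_export_modulus_bits(body):
    """For a ServerKeyExchange carrying ServerRSAParams (export suites only),
    return the bit length of the temporary RSA modulus."""
    mod_len = struct.unpack("!H", body[:2])[0]
    modulus = int.from_bytes(body[2:2 + mod_len], "big")
    return modulus.bit_length()


def inspect_server_flight(data):
    """Flag a server flight that negotiates an RSA export suite and/or
    presents a temporary RSA key shorter than 1024 bits."""
    result = {"cipher_suite": None, "suite_name": None,
              "temp_rsa_bits": None, "export_negotiated": False}
    for htype, body in iter_handshake_messages(data):
        if htype == SERVER_HELLO:
            cs = server_hello_cipher(body)
            result["cipher_suite"] = cs
            result["suite_name"] = RSA_EXPORT_SUITES.get(cs)
            result["export_negotiated"] = cs in RSA_EXPORT_SUITES
        elif htype == SERVER_KEY_EXCHANGE and result["export_negotiated"]:
            result["temp_rsa_bits"] = rsa_export_modulus_bits(body)
    result["weak_key"] = (result["temp_rsa_bits"] is not None
                          and result["temp_rsa_bits"] < 1024)
    return result


def build_handshake_record(htype, body, version=0x0301):
    """Wrap a handshake body in a TLS record (used to construct the samples)."""
    hs = bytes([htype]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", HANDSHAKE, version, len(hs)) + hs


# Constructed sample: ServerHello choosing TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
# followed by a ServerKeyExchange with a 512-bit temporary modulus.
SAMPLE_MODULUS = b"\xc3" + b"\x5a" * 63          # 64 bytes, top bit set -> 512 bits
SAMPLE_SERVER_HELLO = (b"\x03\x01" + b"\x11" * 32 + b"\x00"   # version, random, empty session id
                       + b"\x00\x08" + b"\x00")                # cipher suite, null compression
SAMPLE_SKE = (len(SAMPLE_MODULUS).to_bytes(2, "big") + SAMPLE_MODULUS
              + b"\x00\x03" + b"\x01\x00\x01"                  # public exponent 65537
              + b"\x00\x80" + b"\x00" * 128)                   # placeholder signature bytes
SAMPLE_FLIGHT = (build_handshake_record(SERVER_HELLO, SAMPLE_SERVER_HELLO)
                 + build_handshake_record(SERVER_KEY_EXCHANGE, SAMPLE_SKE))

# Constructed benign sample: ServerHello choosing TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
SAMPLE_OK_FLIGHT = build_handshake_record(
    SERVER_HELLO, b"\x03\x01" + b"\x22" * 32 + b"\x00" + b"\x00\x2f" + b"\x00")

if __name__ == "__main__":
    print(inspect_server_flight(SAMPLE_FLIGHT))
    print(inspect_server_flight(SAMPLE_OK_FLIGHT))
```

The same check applies to your own servers from the configuration side: a server that never enables the RSA_EXPORT suites cannot be downgraded to them, whatever the client accepts, so the ServerHello in the flight above should never show one of the listed code points.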

References:

http://www.digitalmunition.me/2015/03/freak-new-ssltls-vulnerability-explained/


Copyright 2024, cxsecurity.com