Don't FREAK out over the Factoring Attack on RSA-EXPORT Keys

security key on keyboard

OPINION: It's about time we got things, by which I mean security vulnerabilities, into freakin' perspective. Currently the IT security industry and the media covering it are, in my opinion, in danger of becoming the internet equivalent of Chicken Little.

Every time a vulnerability is discovered which has the potential to impact upon large numbers of users we get the same 'the sky is falling' message writ large. Yet potential and probability are not automatic bedfellows, which appears to have passed many headline and press release writers by. The latest falling acorn to be mistaken for a piece of the internet sky is FREAK, or Factoring Attack on RSA-EXPORT Keys to be a little more formal about things.

What is FREAK?

What is FREAK, other than over-hyped that is? The simple answer is that it's a leftover weakness from political meddling by the US when Secure Sockets Layer (SSL) connection encryption was introduced. That meddling back in the early 1990's came in the form of export controls for encryption systems which enabled the US to use stronger encryption keys while international users had to make do with weaker ones.

Advertisement - Article continues below
Advertisement - Article continues below

In the case of SSL this originally meant Netscape deploying 40-bit cryptography for the international export grade versions, with the US keeping the de-facto stronger 128-bit version for themselves. This was supposedly to enable the NSA to be able to access communications, as only state sponsored outfits would have the required computing resources.

Things have changed since then, both in terms of scrapping that encryption export limit and supercomputer processing resources (via the cloud for example) being available to pretty much anyone who wants them. Unfortunately one thing hasn't changed, and that's the vulnerability discovered which means that some servers will accept RSA export-grade keys even when the client didn't ask for them.

It's actually exploiting a negotiation mode between servers and browsers that enables the server to downgrade the encryption requirement until the browser client can connect to it. Because the legacy export grade encryption is weaker, and computing resources are more powerful, the potential for decryption of SSL keys within hours using something powerful compute-wise exists. But does that potential, I ask again, equate to probability?

I'm with Phil Lieberman, CEO of Lieberman Software Corporation, here. "[FREAK is more of a] hypothetical threat to a limited collection of users and systems," he reckons, adding it's based on "a series of very unusual conditions." As Lieberman also points out, it's also an attack which requires sophisticated actors (most likely state sponsored) with tools and technologies not in common use.

"The attack is very difficult to set up and is in the realm of state-sponsored physical intrusion of your internet or Wi-Fi connection" Lieberman says.

"The mechanism described is a valid methodology, but it depends on physical compromise of your connection and a series of lucky coincidences, like you running the right browser and hitting the right websites." Whereas Heartbleed was a 'must patch' scenario for internet-facing sites, Lieberman insists - and I concur - FREAK is interesting, but shouldn't keep anybody awake at night. That is "unless their internet connection is tapped or are using Wi-Fi without encryption and authentication," he adds.

Advertisement - Article continues below

So, the sky is not falling, the world is not ending and all the Chicken Littles should calm down now.

There are a whole bunch of options (here's one) for checking if sites could be compromised, no matter how unlikely that may be in the real world, so use them and upgrade to something more modern and secure if needed. Ditto when it comes to browser clients (for example this one) and, if vulnerable, update the damn thing, or change to a client that isn't vulnerable.

Oh, and just for the record while you are doing the whole server security tweaking thing, why not also disable support for export cipher suites and enable forward secrecy. Now you know those little acorns make sense...

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020