Researchers revealed on Tuesday a hole in internet security which was so wide-ranging and so long-running that, effectively, millions of websites were about as secure as a screen door on a bank vault.
Ars Technica and Washington Post report millions of websites are suffering from a security flaw which would enable any malicious hacker monitoring the traffic in between the site and a user to trick the site and the user’s web browser into using a decade out-of-date and fundamentally insecure level of encryption.
The researchers have dubbed the flaw “FREAK” for Factoring attack on RSA-EXPORT Keys. The affected websites range from AmericanExpress.com and Bloomberg.com to NSA.gov (list), and the affected web browsers can be found on Android devices, Apple devices (both Macs and iDevices), and surprisingly, IE 11 on Windows (according to some user reports).
Attackers who are in a position to monitor traffic passing between vulnerable end users and servers can inject malicious packets into the flow that will cause the two parties to use a weak 512-bit encryption key while negotiating encrypted Web sessions. Attackers can then collect some of the resulting exchange and use cloud-based computing from Amazon or other services to factor the website’s underlying private key. From that point on, attackers on a coffee-shop hotspot or other unsecured network can masquerade as the official website, a coup that allows them to read or even modify data as it passes between the site and the end user.
FREAK is one of several SSL-related vulnerabilities disclosed Tuesday by a research team from organizations including INRIA Paris-Rocquencourt and Microsoft. The vulnerability is indexed asCVE-2015-0204. An Apple spokesman said the company plans to issue patches for iOS and OS X next week. A Google spokeswoman said an Android patch has already been distributed to partners. In the meantime, Google is calling on all websites to disable support for export certificates.
512-bit encryption might seem like a large number but by today’s standards it’s about as secure as a hole in the wall.
That level of encryption was first cracked in 1999. At that time it required around 7 hours and 75 computers to crack a single encryption key, but in 2015 you can rent a similar amount of computing power online for around $100.
The current standard, on the other hand, is 1024-bit encryption. According to one researcher, cracking a 1024-bit key would require a million desktop PCs and a team of code breackers, and take at least a year. And that puts it out of the reach of all but a handful of national governments and major tech companies.
So are you at risk?
You can check by visiting the FreakAttack website. Chrome, Firefox, and IE on Windows 7 are not vulnerable, but Chrome, Dolphin, and other browsers on Android are. Curiously, Firefox is secure on Android.
When it comes to iOS, both Safari and Opera are vulnerable. Chrome is safe (there’s no Firefox for iOS yet).
Google says that an Android patch has already been distributed to partners, but in the meantime Google is calling on all websites to disable support for export certificates. Apple plans to issue patches for iOS and OSX next week.
For more details on this story, read this blog post by Matthew Green, cryptographer and research professor at Johns Hopkins University.
image by Robbert van der Steeg