Pierluigi Paganini
March 06, 2015
Few days back security researchers group (named as SMACK ) made everyone aware of a new SSL/TLS vulnerability, termed as FREAK (CVE-2015-0204). FREAK stands for Factoring Attack on RSA-EXPORT Keys. After POODLE, it is another catastrophic SSL/TLS vulnerability. FREAK vulnerability enables malicious attackers to do the MITM attack between the vulnerable clients and servers on encrypted channel. Attackers are forcefully making sure that vulnerable clients and servers must use older and weaker ‘Export-grade’ cryptography. This export-grade encryption uses 512-bit RSA keys. This export-grade encryption can be easily decrypted and it’s very easy to hamper its integrity.
ROOT of the problem:
In 1990s, the US government endeavored to direct the export of items using “robust” encryption and gadgets were stacked with weaker “export-grade” encryption before being dispatched out of the nation. Around then, it was permitted a most extreme key length of 512 bits for “export-grade” encryption. Later in 2000, due to an amendment in US export laws, merchants were allowed to incorporate 128-bit ciphers in their items and were able to disseminate these everywhere throughout the world. The main issue is that “export-grade” cryptography backings was never evacuated and now after three decades, FREAK vulnerability, anticipatively making it easier for hackers and malicious attackers to interpret the site’s private key and decode passwords, login, and other delicate data from HTTPS associations.
OK, now let me know how it works:
According to Professor Matthew Green, cryptographer and research professor at Johns Hopkins University, to understand the working of FREAK it’s necessary to understand working of MITM attack:
If only server is vulnerable, it’s not guarantee that the attack will be successful. For the attack to be successful, both browser and server must have to support Export-grade cipher suites..not guarantee that the attack will be successful. For the attack to be successful, both browser and server must have to support Export-grade cipher suites.
How to check whether you are safe from FREAK attack or not?
Everyone is not vulnerable to FREAK attack. To check whether your browser is vulnerable to this attack or not, visit www.freakattack.com. If your browser is safe from FREAK attack, then it will prompt a message, ‘Good News! Your browser appears to be safe from the FREAK Attack!’, else it will prompt a Warning message that your browser is vulnerable to CVE-2015-0204. Best way to make yourself free from this attack is to update your browser.
Is there any similarity between FREAK and POODLE?
POODLE vulnerability stands for ‘Padding Oracle on Downgraded Legacy Encryption’. It allows malicious attackers to lower down the SSL/TLS communication to the possible weakest version. FREAK is similar to POODLE in a way that it affects those SSL/TLS implementations that supports and accepts export versions of protocols that uses RSA algorithm.
APPLE and GOOGLE plans to tackle FREAK:
Apple is planning to introduce fixes for Safari on OS X and iOS next week. On the other hand Google has already handed over patch to the concerned ones. Google is also planning to make sure that all the websites must disable the support for export certificates.
HTTPS Sites that support RSA Export Suites:
According to Alexa Top 10K, following are the some websites that support RSA Export suites as of Tuesday, March 3, 9:00 PM EST. This list is quite long; you can go for the full list at suites as of Tuesday, March 3, 9:00 PM EST. This list is quite long; you can go for the full list at https://freakattack.com/vulnerable.txt .
Alexa Rank Domain Address Tested
27 sohu.com 123.125.116.19
182 businessinsider.com 64.27.101.155
234 ppomppu.co.kr 110.45.151.212
243 smzdm.com 114.113.158.226
247 americanexpress.com 23.13.171.41
251 jabong.com 23.203.7.176
273 groupon.com 184.26.49.170
290 bloomberg.com 69.191.212.191
442 4shared.com 208.88.224.136
448 npr.org 216.35.221.76
519 hatena.ne.jp 59.106.194.19hatena.ne.jp 59.106.194.19
615 instructables.com 74.50.63.27
629 airtel.in 125.19.135.93airtel.in 125.19.135.93
649 kohls.com 23.202.240.45
767 adplxmd.com 205.186.187.178
795 mit.edu 23.202.254.127
799 tinyurl.com 23.220.249.147
808 suning.com 122.228.85.93
820 saramin.co.kr 182.162.86.29
891 vi-view.com 50.97.32.135
903 itau.com.br 23.38.106.190
951 huaban.com 115.238.54.162
959 zomato.com 54.151.251.33
960 nationalgeographic.com 74.217.81.233
999 marriott.com 23.45.45.5
1001 jobrapido.com 46.105.106.82
1029 forever21.com 23.202.233.118
1089 wiocha.pl 195.225.138.234wiocha.pl 195.225.138.234
1150 axisbank.com 119.226.139.40
1180 clarin.com 200.42.136.212
1236 mgid.com 208.94.232.200
1247 jcpenney.com 23.49.180.228
1261 wowhead.com 23.199.195.58
1297 gaana.com 223.165.30.26
1313 mtime.com 59.151.32.20
1360 refinery29.com 50.22.34.136
1361 vente-privee.com 185.45.180.3
1364 ynet.co.il 192.115.80.55
1383 dhgate.com 124.42.15.198
1411 vesti.ru 80.247.32.206vesti.ru 80.247.32.206
1424 adxcore.com 188.165.36.101
1456 sweet-page.com 50.97.32.133
1484 binaryprofessional.com 50.7.157.122
1502 globososo.com 184.173.140.162
1571 estadao.com.br 23.199.200.37
1573 jcrew.com 23.37.8.44
1586 17173.com 220.181.90.240
1599 bmi.ir 89.235.64.67bmi.ir 89.235.64.67
1620 zdnet.com 50.112.160.88
1646 accountonline.com 192.193.200.101
1662 umich.edu 141.211.243.44
1680 cornell.edu 128.253.173.241
1684 lg.com 165.244.62.23
1693 uludagsozluk.com 188.132.225.181
1722 yixun.com 111.30.131.20
1738 priceminister.com 212.23.167.62
1856 ibtimes.co.uk 64.147.114.55
1860 extra.com.br 23.221.0.145
1864 jiameng.com 117.78.2.204
1866 ihg.com 23.202.251.213
1878 miui.com 42.62.48.148
1902 syosetu.com 111.64.91.10
1915 thrillist.com 50.57.33.153
About the Author
MANISH KUMAR MISHRA E-Mail: [email protected]
(ISO27001,C|EH v8 certified Information Security professional)
MS in Cyber Law and Information Security
Institute: Indian Institute Of Information Technology (IIIT)- Allahabad
Edited by Pierluigi Paganini
(Security Affairs – Drones, Privacy)
