An SSL/TLS vulnerability has been identified that attackers could use to downgrade the cryptography of an HTTPS connection to a level that can be broken, allowing them to listen in on communications between a browser and a server. The severity of this vulnerability is extremely high because attackers could use it to obtain login credentials for sensitive systems such as banking sites and commit financial fraud.
This is reminiscent of the recent Heartbleed and POODLE vulnerabilities that could also be exploited to compromise encrypted communication.
The vulnerability, nicknamed the FREAK attack, involves code from the OpenSSL project, as Heartbleed did last year. However, the impact varies from one vendor's browser to another.
Apple Safari and the Android browser have been confirmed as vulnerable. Chrome is not affected, and nor are Internet Explorer and Firefox.
How Could this Happen?
In the 1990s the U.S. government wanted to control the export of what it considered “weapons grade” encryption. It allowed 128 bit encryption, strong for its day, to be used inside the US, but the Feds wanted U.S. intelligence services and law enforcement to have “backdoors” into foreign communications. A weak 40 bit encryption suite, referred to as “export grade”, was introduced for use outside the United States; it could be broken by the American authorities if needed.
While most browsers have not supported the 40 bit suites for years, they are still present in as many as one third of SSL libraries and browsers. If the suite is present in a browser, an attacker can mount what is known as a ‘downgrade attack’, forcing the use of the weak cipher suite. Using a man-in-the-middle attack, the attacker inserts a process between the browser and the server to intercept and decrypt their messages.
Unfortunately, this feature is also still built in to many web servers, as many as one third. By forcing vulnerable clients and servers to use the weak export grade encryption for an HTTPS connection, an attacker acting as a man-in-the-middle can intercept, decrypt or alter the messages passing through.
What Should You Do?
For this type of attack to succeed, both the web server and the victim’s browser must be vulnerable. If you operate a web server you should disable support for any export suites and all known insecure ciphers. You should then enable forward secrecy. Mozilla has published a guide and an SSL Configuration Generator, which will generate known-good configurations for common servers.
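The audit described above, as an added example that is not part of the original post or of any Mozilla tooling: a small Python script that takes a server's cipher suite preference list (IANA names such as TLS_RSA_EXPORT_WITH_RC4_40_MD5), flags export suites and other ciphers a server should no longer offer, checks that forward-secrecy suites (ECDHE or DHE key exchange) are preferred, and scans a handshake log for connections that actually negotiated an export suite. The export suite code points are those of RFC 2246 appendix A.5; the cipher lists and the log format are constructed for the example and are assumptions, not anything the post describes.

```python
"""Audit TLS cipher suite lists and handshake logs for export-grade suites.

Added example, not code from the original post.  Suite names are assumed to
be in IANA/RFC form; the log format below is invented for this example.
"""
import re

# Export-grade suites of RFC 2246 appendix A.5, keyed by their code point.
EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x000B: "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x000E: "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0011: "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0017: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
    0x0019: "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
}

# Name fragments that make a suite unfit for HTTPS, with the reason to report.
WEAK_PATTERNS = [
    (re.compile(r"_EXPORT"), "export-grade key (40-bit cipher / 512-bit RSA)"),
    (re.compile(r"_NULL_"), "no encryption"),
    (re.compile(r"_anon_"), "anonymous key exchange, server not authenticated"),
    (re.compile(r"_RC4_"), "RC4 stream cipher"),
    (re.compile(r"_RC2_"), "RC2 cipher"),
    (re.compile(r"_DES40_|_DES_CBC"), "single DES (3DES is not matched here)"),
    (re.compile(r"_MD5$"), "MD5 MAC"),
]


def weaknesses(suite):
    """Return the list of reasons a suite should not be offered (empty if fine)."""
    return [reason for pattern, reason in WEAK_PATTERNS if pattern.search(suite)]


def provides_forward_secrecy(suite):
    """Ephemeral (EC)DH key exchange gives forward secrecy; static RSA does not."""
    return suite.startswith(("TLS_ECDHE_", "TLS_DHE_"))


def audit_suites(suites):
    """Audit a server preference list (most preferred first)."""
    insecure = {s: weaknesses(s) for s in suites if weaknesses(s)}
    no_fs = [s for s in suites if not provides_forward_secrecy(s)]
    fs_preferred = bool(suites) and provides_forward_secrecy(suites[0])
    return {
        "insecure": insecure,
        "no_forward_secrecy": no_fs,
        "forward_secrecy_preferred": fs_preferred,
        "acceptable": not insecure and fs_preferred,
    }


# Constructed log format: "<timestamp> client=<ip> suite=0x<code>".
LOG_RE = re.compile(r"client=(?P<client>\S+) .*suite=0x(?P<suite>[0-9a-fA-F]{4})")


def export_negotiations(log_lines):
    """Return (client, suite name) for every handshake that used an export suite."""
    hits = []
    for line in log_lines:
        match = LOG_RE.search(line)
        if not match:
            continue  # skip lines that are not handshake records
        code = int(match.group("suite"), 16)
        if code in EXPORT_SUITES:
            hits.append((match.group("client"), EXPORT_SUITES[code]))
    return hits


# Constructed sample data: a legacy list still carrying export suites, a
# hardened list in the spirit of the Mozilla generator, and a few log lines.
WEAK_SERVER_LIST = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
]
HARDENED_SERVER_LIST = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
]
SAMPLE_LOG = [
    "2015-03-04T10:00:01Z client=203.0.113.5 suite=0xC02F",
    "2015-03-04T10:00:02Z client=203.0.113.9 suite=0x0003",
    "2015-03-04T10:00:03Z client=198.51.100.7 suite=0x0008",
    "2015-03-04T10:00:04Z server restarted",
]

if __name__ == "__main__":
    for name, suites in (("legacy", WEAK_SERVER_LIST), ("hardened", HARDENED_SERVER_LIST)):
        print(name, audit_suites(suites))
    print("export-grade handshakes:", export_negotiations(SAMPLE_LOG))
```

On a real server the suite list to feed into audit_suites can be produced with `openssl ciphers -v '<your cipher string>'`; the log scanner is only meaningful if the server is configured to record the negotiated suite, which most web servers can do via a log format variable. The "acceptable" verdict intentionally requires both conditions the post names: no insecure suite offered at all, and a forward-secrecy suite in first position.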
For web users, you can check if your browser is vulnerable at this site:
Apple and Google are rushing fixes for their browser issues, but this might be a good time to try Comodo’s Chromium-based browser Comodo Dragon or the Firefox-based Comodo IceDragon. Both have unmatched privacy and security features and are free to download.