Researchers from the French institute INRIA have identified a new attack on SSL/TLS, named FREAK, in the line of the previously identified attacks POODLE, BREACH, CRIME and BEAST. The essence of the attack is to force a connection to roll back to an export-grade cipher suite, which includes inadequately protected older encryption algorithms.
The problem allows an attacker to wedge into the connection and analyse traffic inside a supposedly secure channel by using a vulnerability (CVE-2015-0204), found in many SSL clients, that lets the cipher suite be switched from RSA to RSA_EXPORT, after which the traffic can be decrypted using a weak ephemeral RSA key.
The 512-bit RSA key provided by RSA_EXPORT is no longer used in server and client software, since it is considered unsafe and vulnerable to key-recovery attacks. Recovering an RSA-512 key took the researchers about seven and a half hours of computation in the Amazon EC2 environment. The key only needs to be recovered once per server; the compromised key can then be used to intercept any connection to that server (by default, mod_ssl generates one export RSA key at server start and reuses it for all connections), writes opennet.ru.
On the client side, the vulnerability affects OpenSSL (fixed in 0.9.8zd, 1.0.0p and 1.0.1k), Safari and a variety of embedded and mobile systems, including Google Android and Apple iOS. On the server side, a network scan showed that RSA_EXPORT suites are supported by approximately 36.7% of all sites and 9.7% of the top one million sites. To protect an Apache-based server, add "!EXPORT" to the SSLCipherSuite directive.
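The handshake pattern described above (an export suite the client never offered, backed by a short ephemeral RSA key) can be spotted by a client-side guard or a passive monitor. The following is an added example, not code from the INRIA researchers or from OpenSSL; the cipher-suite code points are the real IANA values, while the sample handshake data is constructed.

```python
# Export-grade RSA cipher suites, keyed by their IANA code points.
EXPORT_RSA_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def suites_from_bytes(data):
    """Split the raw cipher_suites field of a ClientHello into code points."""
    return [int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2)]

def check_negotiation(offered, selected, rsa_modulus=None):
    """Return the FREAK-related findings for one handshake.

    offered      -- code points from the ClientHello cipher_suites list
    selected     -- code point from the ServerHello
    rsa_modulus  -- big-endian bytes of the RSA modulus from a
                    ServerKeyExchange, or None if the server sent none
    """
    findings = []
    if selected in EXPORT_RSA_SUITES:
        findings.append("export suite negotiated: " + EXPORT_RSA_SUITES[selected])
    if selected not in offered:
        # A correct server never picks a suite outside the client's list;
        # a vulnerable client accepting this is the core of CVE-2015-0204.
        findings.append("server chose 0x%04x, which the client never offered" % selected)
    if rsa_modulus is not None:
        bits = int.from_bytes(rsa_modulus, "big").bit_length()
        if bits < 1024:
            findings.append("ephemeral RSA key is only %d bits" % bits)
    return findings

# Constructed sample: the client offered three non-export RSA suites ...
OFFERED = suites_from_bytes(bytes.fromhex("002f00350005"))
# ... but the ServerHello (as modified in transit) selects RSA_EXPORT/RC4-40,
# and the ServerKeyExchange carries a 512-bit modulus (64 bytes, top bit set).
TAMPERED_SELECTED = 0x0003
WEAK_MODULUS = b"\xc0" + bytes(62) + b"\x01"

if __name__ == "__main__":
    for f in check_negotiation(OFFERED, TAMPERED_SELECTED, WEAK_MODULUS):
        print("FREAK indicator:", f)
    print("clean handshake:", check_negotiation(OFFERED, 0x002f))
```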