According to Freak attack tracking website, the HTTPS connection is vulnerable “If the server accepts RSA_EXPORTS Cipher suites and the client either offers an RSA_EXPORT suites or is using a version of OpenSSL that is vulnerable to CVE-2015-0204”
You forget last year disastrous POODLE Flaw which let
downgrade the security of the whole SSL/TLS communication to the weakest level.
Even before POODLE and now FREAK, the Heartbleed flaw existed
in OpenSSL.
FREAK is similar to these attacks
in that it also exploits vulnerabilities in OpenSSL to downgrade secure
connections from "strong" RSA to "export-grade" RSA
cryptography, allowing cybercriminals to intercept, decrypt and access personal
information.
Mechanism
A vulnerable client such as your web browser, Smartphone
Apps start talking to a server working on HTTPS, and start list the encryption
algorithms and key lengths it supports and those it prefers meant these should
be strong ciphers and long keys.
An Attacker (MAN-IN-THE-MIDDLE) able to intercept traffic
between the client and the server and can tamper with that message to say the
client only wants weak export-grade keys encryption, for example 512-bit RSA
Key.
Due to Bugs in OpenSSL and Secure Transport, Server replies
with a weak key, the client will accept it and after that encryption process
will start.
An attacker can go to a cloud provider and can decode a key
for around $100 and half a day.
An analysis of the attack by
Assistant Research Professor Matthew Green of Johns Hopkins University's
Information Security Institute in Maryland summarizes the situation thus:
1.
In the client's Hello message, it asks for a standard 'RSA'
ciphersuite.
2.
The MITM attacker changes this message to ask for 'export
RSA'.
3.
The server responds with a 512-bit export RSA key, signed
with its long-term key.
4.
The client accepts this weak key due to the
OpenSSL/SecureTransport bug.
5.
The attacker factors the RSA modulus to recover the
corresponding RSA decryption key.
6.
When the client encrypts the 'pre-master secret' to the server,
the attacker can now decrypt it to recover the TLS 'master secret'.
7.
From here on out, the attacker sees plaintext and can inject
anything it wants.
How to downgrade the SSLversion
You can see in below image before
MITM attack over SSL, website was running on the TLS Higher version TLS 1.2, that means SSL Connection
between browser and server has been encrypted by TLS 1.2
But after Man-In-The-Middle attack, SSL Connection between browser and server
encrypted by lower version of TLS 1.0
Popular Sites Affected
According to reports, 37% of
browser-trusted sites are affected by this flaw. Affected sites include
Bloomberg, Business Insider, ZDNet, HypeBeast, Nielsen, and the FBI. It bears
stressing that there are country-specific sites that were also affected.
Microsoft has confirmed
all version of Windows are vulnerable. Red Hat confirmed that versions 6
and 7 of Red Hat Enterprise Linux
(RHEL) are vulnerable as well. Browsers
that are vulnerable to the FREAK vulnerability include Internet Explorer, Opera
(Mac OS X / Linux), and Safari.
Addressing the FREAK Flaw
OpenSSL has provided a patch for CVE-2015-0204
in January. Apple is reportedly deploying a patch for both mobile devices and
computers.
Advise for Android users to refrain
from using the default Android browser in their devices. They can instead use
the Google Chrome app as it is not affected by the bug. Furthermore,
connections to the Google search site are not affected.
0 comments:
Post a Comment