FREAK: Attacking Export RSA Keys (March 4, 2015)

SSL/TLS are cryptographic protocols designed to secure network communication. The cryptography provides confidentiality, integrity, and authentication. The strength of the security relies on the strength of the keys used to encrypt messages. Recently, security researchers discovered a flaw in SSL implementations (CVE-2015-0204) where an SSL client accepts export-grade RSA keys (export cipher suites) even though it originally intended to use regular/strong RSA. Export-grade RSA uses keys that can be easily broken, thus endangering the secure communication between the client and the server. Support for these weak keys is still part of many SSL implementations due to the US Government’s policy. FREAK (Factoring RSA Export Keys) is a man-in-the-middle (MITM) attack that exploits the CVE-2015-0204 vulnerability.

In the attack scenario, the attacker intercepts a ‘client hello’ message and replaces the requested cipher with ‘export RSA’. A vulnerable server responds by signing the message with an ‘export RSA’ key. Because the key is weak, the attacker can crack it. Although it still takes a fair amount of time to crack this key, many servers do not change the key very often. So, once the attacker has the key, the attacker is ready to act as MITM for future connections.

Test your server:

You can use OpenSSL (an SSL/TLS client) to test whether your server is vulnerable to the attack by running:

openssl s_client -connect [server]:443 -cipher EXPORT

If you get a positive response from the server showing the server certificate and the server’s temp key to be 512 bits, the server is vulnerable.

If you get an error response, such as:

error setting cipher list
13492:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:.\ssl\ssl_lib.c:1312:

then the server is not vulnerable.
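
An added example (not part of the original post) that sorts saved `openssl s_client -cipher EXPORT` output into separate outcomes. It reports the `no cipher match` error on its own, because openssl prints it when its own build has no EXPORT suites, before any connection is made. The function name, the sample transcripts and the assumed OpenSSL 1.0.x line formats ("Server Temp Key", "Cipher is") are illustrative.

```python
import re

# Constructed, abridged s_client transcripts (not captured from real hosts).
# Line formats are assumed from OpenSSL 1.0.x output.
ACCEPTED = """CONNECTED(00000003)
Server certificate
subject=/CN=test.example
Server Temp Key: RSA, 512 bits
New, TLSv1/SSLv3, Cipher is EXP-RC4-MD5
"""
REFUSED = """CONNECTED(00000003)
4242:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:770:
New, (NONE), Cipher is (NONE)
"""
LOCAL_ERROR = """error setting cipher list
13492:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1312:
"""

def classify_export_probe(output):
    """Classify `openssl s_client -cipher EXPORT` output.

    Returns 'vulnerable', 'refused', 'client-unsupported' or 'unknown'.
    """
    # Local failure: this openssl build has no EXPORT suites, so no
    # handshake was attempted and nothing was learned about the server.
    if "error setting cipher list" in output or "no cipher match" in output:
        return "client-unsupported"
    cipher = re.search(r"Cipher is (\S+)", output)
    temp_key = re.search(r"Server Temp Key: RSA, (\d+) bits", output)
    # Server completed a handshake with an export suite or a 512-bit temp key.
    if cipher and cipher.group(1).startswith("EXP"):
        return "vulnerable"
    if temp_key and int(temp_key.group(1)) <= 512:
        return "vulnerable"
    # Server rejected every export suite the client offered.
    if "alert handshake failure" in output or (cipher and cipher.group(1) == "(NONE)"):
        return "refused"
    return "unknown"

if __name__ == "__main__":
    for name, text in [("accepted", ACCEPTED), ("refused", REFUSED), ("local", LOCAL_ERROR)]:
        print(name, "->", classify_export_probe(text))
```

A `client-unsupported` result means the probe has to be repeated from an openssl build that still includes the EXPORT suites.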

Test your client:

Configure a test server to allow ‘export RSA’, then connect to it from your client with a request for the ‘export RSA’ cipher suite. If your client accepts it, it is susceptible to the attack.

Here’s a network packet capture snapshot showing the server has responded with an ‘export RSA’ key:

The following snapshot shows the scenario where the server did not accept the client’s request for ‘export RSA’:

The SonicWall team has written the following signatures that help identify this potential vulnerability:

  • IPS sid:6366 “Client Hello with EXPORT Cipher Suites 1”
  • IPS sid:6412 “Client Hello with EXPORT Cipher Suites 2”
  • IPS sid:6428 “Server Hello with EXPORT Cipher Suite”
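
What hello-level checks of this kind look at can be shown with a small parser (an added example, not SonicWall's signature logic): it reads one TLS ClientHello or ServerHello record and reports any RSA export suite that is offered or selected. The function names and the `build_hello` sample generator are hypothetical, and the sample records are constructed.

```python
# RSA export cipher suite ids from the TLS 1.0 specification (RFC 2246).
RSA_EXPORT = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def u(b):
    return int.from_bytes(b, "big")

def hello_suites(record):
    """Return (handshake_type, [suite ids]) for one ClientHello/ServerHello record."""
    if len(record) < 9 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + u(record[3:5])]
    if len(body) < 4 or body[0] not in (1, 2):
        raise ValueError("not a ClientHello/ServerHello")
    hs_type, hs_len = body[0], u(body[1:4])
    msg = body[4:4 + hs_len]
    if len(msg) != hs_len or hs_len < 38:
        raise ValueError("truncated hello")
    pos = 2 + 32                 # skip protocol version and random
    pos += 1 + msg[pos]          # skip session_id
    if pos + 2 > len(msg):
        raise ValueError("truncated hello")
    if hs_type == 2:             # ServerHello carries the single selected suite
        return hs_type, [u(msg[pos:pos + 2])]
    n = u(msg[pos:pos + 2])      # ClientHello carries a length-prefixed list
    suites = msg[pos + 2:pos + 2 + n]
    if n % 2 or len(suites) != n:
        raise ValueError("truncated cipher_suites list")
    return hs_type, [u(suites[i:i + 2]) for i in range(0, n, 2)]

def export_findings(record):
    """List RSA export suites a hello offers (client) or selects (server)."""
    hs_type, suites = hello_suites(record)
    side = "ClientHello offers" if hs_type == 1 else "ServerHello selects"
    return [f"{side} {RSA_EXPORT[s]}" for s in suites if s in RSA_EXPORT]

def build_hello(hs_type, suites):
    """Build a minimal TLS 1.0 hello record (constructed sample, no extensions)."""
    ids = b"".join(s.to_bytes(2, "big") for s in suites)
    tail = len(ids).to_bytes(2, "big") + ids + b"\x01\x00" if hs_type == 1 else ids + b"\x00"
    msg = b"\x03\x01" + bytes(32) + b"\x00" + tail
    body = bytes([hs_type]) + len(msg).to_bytes(3, "big") + msg
    return b"\x16\x03\x01" + len(body).to_bytes(2, "big") + body

if __name__ == "__main__":
    print(export_findings(build_hello(1, [0x002F, 0x0003, 0x0008])))
    print(export_findings(build_hello(2, [0x0003])))
```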