[Cryptography] FREAK attack

Jerry Leichter leichter at lrw.com
Wed Mar 4 12:18:32 EST 2015


Latest attack on SSL, affecting some huge percentage of both servers and clients:  https://freakattack.com/ 

Remember all those export modes for SSL that we had to live with two decades ago?  Well, it turns out they are still present in at least two code bases (OpenSSL and Apple's SSL implementation), though they aren't offered to the peer.  However, if you MITM the connection and simply tell both ends to use export RSA (512 bit) - due to bad checking, they will.

Lessons to learn:

1.  Modes and choices are bad in crypto protocols.
2.  Leaving holes to let "good governments" in will inevitably leave holes for others as well.
3.  In code, assume nothing ever really goes away.

Not, I'm sure, that anyone on this list needs persuading.  But this needs to be repeated, over and over again, so that even non-crypies - and even non-techies - come to internalize it.
                                                        -- Jerry
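
The following is an added example, not part of the original post and not code from OpenSSL or Apple: a simplified Python model of the client-side checks on the server's handshake messages whose absence is the "bad checking" described above. The message model, the function name and the 2048-bit policy floor are assumptions made for illustration; suite names follow OpenSSL's naming.

```python
# Added illustration: simplified model of a TLS client validating the
# server's first flight. Constructed for this page; not real TLS parsing.
from dataclasses import dataclass
from typing import Optional

# Export-grade RSA key exchange suites (OpenSSL names).
EXPORT_RSA = {"EXP-RC4-MD5", "EXP-RC2-CBC-MD5", "EXP-DES-CBC-SHA"}
MIN_RSA_BITS = 2048  # assumed local policy floor


@dataclass
class ServerFlight:
    selected_suite: str                  # suite named in ServerHello
    cert_rsa_bits: int                   # RSA key size in the certificate
    temp_rsa_bits: Optional[int] = None  # RSA key in ServerKeyExchange, if any


def check_server_flight(offered, flight):
    """Return (ok, reason) for a client that offered the suites in `offered`."""
    suite = flight.selected_suite
    # 1. The server may only select a suite the client actually offered.
    if suite not in offered:
        return False, "suite not offered by client"
    # 2. Export suites are refused even if they were somehow offered.
    if suite in EXPORT_RSA:
        return False, "export-grade suite refused"
    # 3. A non-export suite never carries a temporary RSA key; seeing one
    #    means the handshake was tampered with or the server is broken.
    if flight.temp_rsa_bits is not None:
        return False, "unexpected temporary RSA key"
    # 4. Policy check on the long-term key (assumed threshold).
    if flight.cert_rsa_bits < MIN_RSA_BITS:
        return False, "certificate key below policy minimum"
    return True, "ok"


# Constructed sample data: what the client offered and three server replies.
OFFERED = ["AES256-SHA", "AES128-SHA"]
HONEST = ServerFlight("AES128-SHA", 2048)
WEAK_TEMP_KEY = ServerFlight("AES128-SHA", 2048, temp_rsa_bits=512)
EXPORT_PICKED = ServerFlight("EXP-RC4-MD5", 2048, temp_rsa_bits=512)

if __name__ == "__main__":
    for name, flight in [("honest", HONEST), ("weak temp key", WEAK_TEMP_KEY),
                         ("export picked", EXPORT_PICKED)]:
        print(name, check_server_flight(OFFERED, flight))
```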


