[Cryptography] FREAK attack

Salz, Rich rsalz at akamai.com
Wed Mar 4 21:46:18 EST 2015

> I took the liberty of forwarding this to a geek list, and a bod who runs security
> at a University department responded thus:

Hmm, that bod should drop a few pegs in their quality metric.

> Sounds some what theoretical.

Not at all.  Here's the first public disclosure: https://blogs.akamai.com/2015/03/cve-2015-0204-getting-out-of-the-export-business.html (with permission of one of the research team), and here's the best posting on the whole thing: http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html.  TL;DR:  512-bit RSA keys can be cracked on AWS orother provider for $100 and 10 hours.

Senior Architect, Akamai Technologies
IM: rsalz at jabber.me Twitter: RichSalz

More information about the cryptography mailing list