The FREAK Attack

On Tuesday, March 3, 2015, researchers disclosed a new SSL/TLS vulnerability — the FREAK attack. The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptogrpahy [sic], which can then be decrypted.

This all traces back to the Clinton administration. The US government decided that cryptography was the same as military weaponry. This led to an export ban under which US-designed crypto apps couldn’t be sold outside the US borders. This was also a time when most software was shipped on physical media. There was also a belief that software respected international borders.

What happened then was “export grade” (i.e. weak 40-bit encryption) became the default used in “international” versions of things like web browsers. This was one of the first attempts to create an encryption backdoor. The idea was that the US could decide who gets strong crypto. Then it could eavesdrop on the countries or groups that had the weak encryption.

This did not end well. Strong crypto research then moved outside of the US, and its product was available to everyone worldwide, except for US-based software vendors that wanted to sell outside of the US. The commercial interests eventually overturned the law, and vendors were able to provide one version of their software no matter the destination.

The vulnerable cipher suite (TLS_RSA_EXPORT_WITH_DES40_CBC_SHA) seems to be still present in most modern browsers. In my testing with Safari (version 8.0.3 (10600.3.18)), the RSA_EXPORT cipher is not offered to the server as an option. But now it has become clear that an incorrectly configured server can still open connections using the weak encryption.

The linked site has a tracker that lists the sites vulnerable to this attack. One of the notable sites that can be tricked into using weak encryption is americanexpress.com (as of 2015-03-03).