Don't FREAK out over the Factoring Attack on RSA-EXPORT Keys

OPINION: It's about time we got things, by which I mean security vulnerabilities, into freakin' perspective. Currently the IT security industry and the media covering it are, in my opinion, in danger of becoming the internet equivalent of Chicken Little.

Every time a vulnerability is discovered which has the potential to impact upon large numbers of users we get the same 'the sky is falling' message writ large. Yet potential and probability are not automatic bedfellows, which appears to have passed many headline and press release writers by. The latest falling acorn to be mistaken for a piece of the internet sky is FREAK, or Factoring Attack on RSA-EXPORT Keys to be a little more formal about things.

What is FREAK?

What is FREAK, other than over-hyped that is? The simple answer is that it's a leftover weakness from political meddling by the US when Secure Sockets Layer (SSL) connection encryption was introduced. That meddling back in the early 1990's came in the form of export controls for encryption systems which enabled the US to use stronger encryption keys while international users had to make do with weaker ones.

In the case of SSL this originally meant Netscape deploying 40-bit cryptography for the international export grade versions, with the US keeping the de-facto stronger 128-bit version for themselves. This was supposedly to enable the NSA to be able to access communications, as only state sponsored outfits would have the required computing resources.

Things have changed since then, both in terms of scrapping that encryption export limit and supercomputer processing resources (via the cloud for example) being available to pretty much anyone who wants them. Unfortunately one thing hasn't changed, and that's the vulnerability discovered which means that some servers will accept RSA export-grade keys even when the client didn't ask for them.

It's actually exploiting a negotiation mode between servers and browsers that enables the server to downgrade the encryption requirement until the browser client can connect to it. Because the legacy export grade encryption is weaker, and computing resources are more powerful, the potential for decryption of SSL keys within hours using something powerful compute-wise exists. But does that potential, I ask again, equate to probability?

I'm with Phil Lieberman, CEO of Lieberman Software Corporation, here. "[FREAK is more of a] hypothetical threat to a limited collection of users and systems," he reckons, adding it's based on "a series of very unusual conditions." As Lieberman also points out, it's also an attack which requires sophisticated actors (most likely state sponsored) with tools and technologies not in common use.

"The attack is very difficult to set up and is in the realm of state-sponsored physical intrusion of your internet or Wi-Fi connection" Lieberman says.

"The mechanism described is a valid methodology, but it depends on physical compromise of your connection and a series of lucky coincidences, like you running the right browser and hitting the right websites." Whereas Heartbleed was a 'must patch' scenario for internet-facing sites, Lieberman insists - and I concur - FREAK is interesting, but shouldn't keep anybody awake at night. That is "unless their internet connection is tapped or are using Wi-Fi without encryption and authentication," he adds.

So, the sky is not falling, the world is not ending and all the Chicken Littles should calm down now.

There are a whole bunch of options (here's one) for checking if sites could be compromised, no matter how unlikely that may be in the real world, so use them and upgrade to something more modern and secure if needed. Ditto when it comes to browser clients (for example this one) and, if vulnerable, update the damn thing, or change to a client that isn't vulnerable.

Oh, and just for the record while you are doing the whole server security tweaking thing, why not also disable support for export cipher suites and enable forward secrecy. Now you know those little acorns make sense...