
Prevent SSL FREAK attacks

FREAK (Factoring RSA Export Keys) is a vulnerability in the weak export cipher suites of SSL/TLS. Because these suites use only 512 or fewer bits, the encryption can easily be broken.

Security assessment


CVSS vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability information

The FREAK vulnerability is a significant security SSL/TLS weakness that has its roots in the 1990s.

Back then, the U.S. government required software intended for use outside the country to employ cipher suites that contain less than 512 bits. These were called 'export cipher suites.' The measure aimed to regulate the use of robust encryption protocols in exported software, so such software had to employ weaker encryption.

The rules were changed in 2000 when the U.S. export laws were updated. However, the 1990s-era 'export-grade' cryptography stayed in many software solutions. While the protection such keys provided in the 1990s was solid, they can now be cracked in a couple of hours and with minimal financial investment. This makes millions of users vulnerable to a classic attack scenario: the Man-in-the-Middle attack.

About attacks

After the discovery, researchers found that the FREAK vulnerability had exposed millions of users for decades. It affects both Apple and vulnerable Android devices, through OpenSSL versions 1.01k and earlier and through Apple Secure Transport.

The scale of the vulnerability was thus significant, making it an industry-wide issue with sizable potential for harmful cyber-attacks. For example, Android browsers and many other applications use OpenSSL. Apple Secure Transport, on the other hand, is used in both iOS and OS X applications, affecting iPhones, iPads, and Macs. Microsoft Windows was also vulnerable through Secure Channel, also known as Schannel, a security support provider (SSP).

In general, a few conditions had to be met to make a system vulnerable to the FREAK technique:

  • The server has to support RSA cipher suites that were deemed 'export-grade' encryption;
  • The client has to either offer export-grade insecure cipher suites or use a vulnerable version of OpenSSL, Apple SecureTransport, or Windows Secure Channel/Schannel.

Through a scan of 14 million websites, researchers Alex Halderman, Zakir Durumeric, and David Adrian at the University of Michigan found that 36% of SSL websites were vulnerable to the threat. These included the FBI, Bloomberg, Nielsen, Business Insider, and many more.

Prevent attacks

In the aftermath of the discovery, it was advised to disable support for export versions of cipher suites and all other ciphers whose security is questionable. There was also specific configuration guidance for default configurations and advice for cipher suite enforcement policies.

You can use the in-depth resource on Secure TLS Configuration to ensure you use only strong cipher suites that are not susceptible to the FREAK threat.

Is your web app or API truly protected? With DAST Essentials, you can check for the FREAK vulnerability and similar threats to determine if your systems are safe.