Locked FREAK Vulnerability : Factoring RSA Export Keys

[you2004975]

FREAK Vulnerability : Factoring RSA Export Keys

 

This attack targets a class of deliberately weak export cipher suites. As the name implies, this class of algorithms were introduced under the pressure of US governments agencies to ensure that they would be able to decrypt all foreign encrypted communication, while stronger algorithms were banned from export (as they were classified as weapons of war).

 

Support for these weak algorithms has remained in many implementations such as OpenSSL, even though they are typically disabled by default; however, we discovered that several implementations incorrectly allow the message sequence of export ciphersuites to be used even if a non-export ciphersuite was negotiated.

 

Thus, if a server is willing to negotiate an export ciphersuite, a man-in-the-middle may trick a browser (which normally doesn't allow it) to use a weak export key. By design, export RSA moduli must be less than 512 bits long; hence, they can be factored in less than 12 hours for $100 on Amazon EC2.

 

Ironically, many US government agencies (including the NSA and FBI), as well as a number of popular websites (IBM, or Symantec) enable export ciphersuites on their server - by factoring ther 512-bit RSA modulus, an attacker can impersonate them to vulnerable clients.

 

Other than websites, HTTPS servers that enable export ciphersuites include those that host popular third-party JavaScript, such as the Facebook JavaScript SDK (loaded in most sites that use Facebook's Like or Login button). By impersonating such vulnerable script servers, an attacker can inject arbitrary JavaScript into any number of innocent third-party websites to steal user data (such as passwords) entered on these sites. We demo how an attacker can perform widespread XSS attacks after factoring the 512-bit RSA modulus for connect.facebook.net (the site that serves Facebook's JavaScript SDK).

 

Affected Products :

This is the hidden content, please

• Sign In
• or
• Sign Up

 

Source :

This is the hidden content, please

• Sign In
• or
• Sign Up

[you2004975]

Re: FREAK Vulnerability : Factoring RSA Export Keys

 

Patch Tuesday patches FREAK, Universal XSS

 

Today's bumper crop of updates for Windows and other Microsoft products doesn't just fix a new version of the Stuxnet shortcut attack. It also provides fixes to two serious flaws, one in the operating system's handling of secure connections and the other in Internet Explorer.

 

First up is a fix for the FREAK attack that lets miscreants trick software into using crackable encryption. Windows was initially believed to be immune to the attack, but a couple of days after it was publicized, Microsoft announced that its software was vulnerable, though the company did not explain what it had learned or why Windows was initially believed to be safe.

 

Today the company issued a patch for SChannel, the Windows component that's responsible for handling the details of SSL and TLS connections. This sheds a little light on why Windows might have been overlooked at first; it suggests that Windows can be tricked into using weak encryption even after agreeing to use strong encryption. The update fixes the hole and, accordingly, software that uses SChannel. This category includes Internet Explorer and most built-in Windows features, but it excludes Chrome and Firefox, which have their own SSL and TLS code.

 

Second is a fix for a flaw first reported in February that allowed a malicious webpage to access content from any other page. This allows a hacker to, for example, steal cookies or login credentials belonging to banking site, among other nasty things. This kind of flaw often arises due to coding errors in websites themselves, but in this instance, the cause was a browser bug, and hence the bug could be used to attack almost any site. The problem was dubbed "universal XSS" (cross site scripting) because of its wide applicability.

 

The Internet Explorer patch released today fixes this flaw.

 

So, Keep your windows up to date