Factoring RSA Export Keys Attack is a security exploit found in SSL/TLS protocols. This vulnerability was first introduced decades earlier for compliance with U.S. cryptography export regulations. There are many servers that accept weak RSA_EXPORT ciphers for encryption and decryption process. Using weak ciphers for encryption will increase the chance of an attack based on SSL/TLS vulnerability. The FREAK attack allows an attacker to intercept HTTPS connections between clients and server to force the application to use weakened encryption. The attacker can easily break the cipher to steal or manipulate sensitive data.
The SSL and TLS cryptographic protocols will allow an attacker to use a man-in-the-middle (MITM) attack to sniff and decrypt communications. This type of attack for RSA-EXPORT is called “FREAK”. FREAK is the acronym for Factoring Attack on RSA-EXPORT Keys. This attack can also affect servers using secure connections that accept RSA_EXPORT cipher suites. If the client also uses an RSA_EXPORT suite or it uses an older and unpatched version of OpenSSL, it will be vulnerable to FREAK attack. If the attacker manages to exploit the encryption successfully, he will be able to steal passwords and other sensitive personal information and potentially use these data to launch further attacks against the end users and the web application.
The steps involved in this attack are:-
- An OpenSSL client requests a TLS server. The client will also request for a standard non-export RSA key.
- The attacker will use MITM (Man-In-The-Middle) attack to intercept the requests sent between the client and server. The attacker will ask the server for an export-grade RSA key.
- From the server’s response, the attacker will forwards the server’s export-grade RSA key to the victim clients. Consider the client is vulnerable to FREAK attack, the attack will force the attacker to accept the export-grade key.
- The attacker will the factor the export-grade key to decrypt all the possible data exchange between the server and the client.
Impact
This vulnerability can be exploited using a man-in-the-middle attack. In the latest version of OpenSSL, the use of EXPORT-grade ciphers is disabled. Due to this feature, the latest versions of Red Hat Enterprise Linux (5.11, 6.6 and 7.1) are shipped with OpenSSL. Applications that utilise the OpenSSL library can enable this feature. Due to this reason, this vulnerability is considered to affect all the Red Hat Enterprise Linux 5, 6 and 7 systems. The commonly affected systems include the Server, Workstation, Desktop, and HPC Node variants with vulnerable versions of OpenSSL packages. The OpenSSL097a version is the current SSL version that is being shipped with Red Hat Enterprise Linux 5. This version of OpenSSL is also vulnerable to this attack. As we know, the Red Hat Enterprise Linux 5 is now in the Production 3 phase of its support and maintenance life cycle. There will be support for only Critical security issues. The Red Hat Enterprise has not yet decided to fix this issue in their future updates.
Mitigation / Precaution
Beagle recommends the following fixes:-
- Install the updated OpenSSL packages such as RHSA-2015-0066 and RHSA-2015-0800.
- Disable support for TLS export cipher suites if possible.
