FREAK SSL security flaw stems from US government policy

Thousands and thousands of websites had been left vulnerable to hackers for more than a decade due to a former U.S. government policy, according to cybersecurity researchers.

Safari , the default BlackBerry 10 browser, the default Android browser — but not Chrome — are affected.

Meanwhile, Apple and Google have been working on a fix for the FREAK flaw.

The flaw resulted from a former U.S. government policy that forbade the export of strong encryption and required that weaker “export-grade” products be shipped to customers in other countries, say the researchers who discovered the problem. These restrictions were lifted in the late 1990s, but the weaker encryption got baked into widely used software that proliferated around the world and back into the United States, apparently unnoticed until this year.

Researchers discovered in recent weeks that they could force browsers to use the weaker encryption, then crack it over the course of just a few hours. Once cracked, hackers could steal passwords and other personal information and potentially launch a broader attack on the Web sites themselves by taking over elements on a page, such as a Facebook “Like” button.

Matthew D. Green, a Johns Hopkins cryptographer who helped investigate the encryption flaw, said any requirement to weaken security adds complexity that hackers can exploit.

“You’re going to add gasoline onto a fire,” said Green. “When we say this is going to make things weaker, we’re saying this for a reason.”

Christopher Soghoian, principal technologist for the ACLU, said

“You cannot have a secure and an insecure mode at the same time… What we’ve seen is that those flaws will ultimately impact all users.”

The existence of the problem with export-grade encryption amazed the researchers, who have dubbed the flaw “FREAK” for Factoring attack on RSA-EXPORT Keys.

The export-grade encryption had 512 bits, the maximum allowed under U.S. restrictions designed to limit trade in military technologies in the 1990s, during a an era often called “The Crypto Wars” because of pitched political battles over deploying cryptographic algorithms that even advanced government computers had trouble cracking. But 512-bit cryptography has been considered unacceptably weak for more than a decade. Even experts thought it had disappeared.

“We thought of course people stopped using it,” said Karthikeyan Bhargavan, a researcher at the French computer science lab INRIA whose team initially found the problem during testing of encryption systems.

Nadia Heninger, a University of Pennsylvania cryptographer, said,

“This is basically a zombie from the ‘90s.”

For vulnerable sites, Heninger found that she could crack the export-grade encryption key in about seven hours, using computers on Amazon Web services. This would allow hackers to conduct what experts call a “man-in-the-middle” attack to make seemingly encrypted traffic easy to read. Such attacks can be launched by anybody who has access to Internet traffic, including governments, Internet providers and coffee shops or airports that offer wifi hotspots.

Green and the other researchers have been alerting affected government agencies and companies over the past several weeks in hopes that they could correct the problem before it became public. Akamai, a leading cloud services company, however reported on efforts it had made to mitigate the problem in a blog post Monday afternoon, bringing attention to the issue earlier than the researchers had planned.

In recent days, FBI.gov and Whitehouse.gov have been fixed, though NSA.gov remains vulnerable, said Green. Apple is preparing a security patch that will be in place next week for both its computers and its mobile devices, said company spokeswoman Trudy Miller.

Google’s Chrome browser is not vulnerable to the FREAK bug, but the browser that comes built into most Android devices is vulnerable. Connections to Google’s search Web site are not affected by the flaw.

The company said Tuesday that it has developed a patch for the Android operating system’s browser and has provided it to “partners,” meaning the companies that make most Android devices. It will be up to those companies to deploy it.

Apple says it plans to issue patches for iOS and OS X next week. There is no word at the time of writing from BlackBerry.