FREAK ("Factoring RSA Export Keys") is a security exploit of a cryptographic weakness in the SSL/TLS protocols introduced decades earlier for compliance with U.S. cryptography export regulations. These involved limiting exportable software to use only public key pairs with RSA moduli of 512 bits or less (so-called ''RSA_EXPORT'' keys), with the intention of allowing them to be broken easily by the NSA, but not by other organizations with lesser computing resources. However, by the early 2010s, increases in computing power meant that they could be broken by anyone with access to relatively modest computing resources using the well-known Number Field Sieve algorithm, using as little as $100 of cloud computing services. Combined with the ability of a man-in-the-middle to manipulate the initial cipher suite negotiation between the endpoints in the connection, and the fact that the Finished hash depended only on the master secret, this meant that a man-in-the-middle with only a modest amount of computation could break the security of any website that allowed the use of 512-bit export-grade keys. While the exploit was only discovered in 2015, its underlying vulnerabilities had been present for many years, dating back to the 1990s.

==Vulnerability==

The flaw was found by researchers from IMDEA, INRIA and Microsoft Research. The FREAK attack in OpenSSL has the CVE identifier CVE-2015-0204. Vulnerable software and devices included Apple's Safari web browser, the default browser in Google's Android phone operating system, Microsoft's Internet Explorer, and OpenSSL. Microsoft has also stated that its SChannel implementation of transport-layer encryption is vulnerable to a version of the FREAK attack in all versions of Microsoft Windows.
The CVE ID for Microsoft's vulnerability in SChannel is CVE-2015-1637 (Microsoft Security Advisory 3046015). The CVE ID for Apple's vulnerability in Secure Transport is CVE-2015-1067. Sites affected by the vulnerability included the U.S. federal government websites fbi.gov, whitehouse.gov and nsa.gov, with around 36% of HTTPS-using websites tested by one security group shown to be vulnerable to the exploit. Based on geolocation analysis using IP2Location LITE, 35% of vulnerable servers are located in the USA. Press reports of the exploit have described its effects as "potentially catastrophic" and an "unintended consequence" of U.S. government efforts to control the spread of cryptographic technology. Vendors were in the process of releasing new software that would fix the flaw. On March 9, 2015, Apple released security updates for both the iOS 8 (iOS 8.2) and OS X (Security Update 2015-002) operating systems which fixed this flaw. On March 10, 2015, Microsoft released a patch (Security Bulletin MS15-031) which fixed this vulnerability for all supported versions of Windows (Server 2003, Vista and later). Google Chrome 41 and Opera 28 have also mitigated this flaw. Mozilla Firefox is not vulnerable to this flaw. The research paper explaining this flaw, "A Messy State of the Union: Taming the Composite State Machines of TLS", was published at the 36th IEEE Symposium on Security and Privacy and received the Distinguished Paper award.

Excerpt source: the free encyclopedia Wikipedia.
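The cipher suite manipulation described in the introduction leaves a visible trace on the wire: a ServerHello that selects an RSA_EXPORT cipher suite, or a ClientHello that still offers one. The Python below is an added example, not code from the article or from the cited researchers: it parses a ClientHello or ServerHello record and flags export-grade RSA suites by their standard TLS code points, so a passive monitor or a configuration test can spot a downgrade or a client/server that still permits one. The `build_hello` helper constructs minimal sample records for testing; it is an assumption of this example, not a real-world capture.

```python
import struct

# Code points of RSA export cipher suites (RFC 2246 Appendix A.5, plus the
# EXPORT1024 suites from the 56-bit cipher suite draft).
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0062: "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
    0x0064: "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",
}

def parse_hello(record: bytes) -> dict:
    """Parse one TLS record holding a ClientHello/ServerHello; return its suite code points."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    body = record[5:5 + rec_len]
    if len(body) != rec_len or len(body) < 4:
        raise ValueError("truncated record")
    hs_type, hs_len = body[0], int.from_bytes(body[1:4], "big")
    hs = body[4:4 + hs_len]
    if len(hs) != hs_len:
        raise ValueError("truncated handshake message")
    pos = 2 + 32                      # skip protocol version and 32-byte random
    pos += 1 + hs[pos]                # skip length-prefixed session_id
    if hs_type == 0x01:               # ClientHello: cipher_suites vector
        n = struct.unpack("!H", hs[pos:pos + 2])[0]
        pos += 2
        suites = [struct.unpack("!H", hs[i:i + 2])[0] for i in range(pos, pos + n, 2)]
        return {"type": "ClientHello", "suites": suites}
    if hs_type == 0x02:               # ServerHello: the single chosen suite
        return {"type": "ServerHello", "suites": [struct.unpack("!H", hs[pos:pos + 2])[0]]}
    raise ValueError("not a Hello message")

def export_suites_in(record: bytes) -> list:
    """Names of RSA export suites offered/selected in the Hello; an empty list is clean."""
    return [RSA_EXPORT_SUITES[s] for s in parse_hello(record)["suites"] if s in RSA_EXPORT_SUITES]

def build_hello(hs_type: int, suites: list) -> bytes:
    """Build a minimal TLS 1.0 Hello record (constructed sample data, not a capture)."""
    body = b"\x03\x01" + bytes(32) + b"\x00"   # version, all-zero random, empty session_id
    if hs_type == 0x01:
        cs = b"".join(struct.pack("!H", s) for s in suites)
        body += struct.pack("!H", len(cs)) + cs + b"\x01\x00"   # null compression only
    else:
        body += struct.pack("!H", suites[0]) + b"\x00"
    hs = bytes([hs_type]) + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs
```

A ServerHello that yields a non-empty list from `export_suites_in` is the on-the-wire sign that a 512-bit export key is about to be used; a modern server configuration should never produce one.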