This repository has been archived by the owner on Dec 6, 2023. It is now read-only.

Detection of the FREAK vulnerability #97

Open
mkenne11 opened this issue Oct 5, 2015 · 1 comment

mkenne11 commented Oct 5, 2015

As a learning exercise I am considering writing a data handler to detect the FREAK vulnerability:
http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html

Do you think this is worth adding to ngtf?

My understanding is for the vulnerability to exist two issues need to be present:

  1. the server needs to accept RSA export ciphers, and
  2. a vulnerability in the (mobile app) TLS library allowing secure RSA ciphers to be downgraded to export grade.

I see ngtf already checks for issue 1 (export ciphers on the server) though.

mkenne11 commented Oct 5, 2015

BTW, when performing a MITM I wouldn't try and complete the attack - factoring the 512-bit key wouldn't be feasible on most hardware.

I would try returning an export grade cipher in the server hello request, and if the client accepts it terminate the TLS connection process.
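
The check described in the second comment, as an added Python example that is not part of the original thread or the project's code: it parses a captured ClientHello and ServerHello and reports whether the client carried on after a ServerHello selected an RSA export suite it never offered. The function names, verdict strings, the `client_reply_type` input and the sample messages are assumptions constructed for illustration.

```python
import struct

# RSA export suites defined in RFC 2246 (40-bit ciphers, 512-bit RSA key exchange).
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}
CLIENT_HELLO, SERVER_HELLO, CLIENT_KEY_EXCHANGE = 1, 2, 16

def _suites_offset(msg, expected_type):
    """Validate the handshake header; return (body, offset just past session_id)."""
    if len(msg) < 4 or msg[0] != expected_type:
        raise ValueError("unexpected handshake message type")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    if len(body) < 35:  # version(2) + random(32) + session_id length(1)
        raise ValueError("truncated hello")
    return body, 35 + body[34]

def offered_suites(client_hello):
    body, off = _suites_offset(client_hello, CLIENT_HELLO)
    (n,) = struct.unpack_from(">H", body, off)
    if n % 2 or off + 2 + n > len(body):
        raise ValueError("bad cipher_suites length")
    return list(struct.unpack_from(">%dH" % (n // 2), body, off + 2))

def selected_suite(server_hello):
    body, off = _suites_offset(server_hello, SERVER_HELLO)
    return struct.unpack_from(">H", body, off)[0]

def classify(client_hello, server_hello, client_reply_type):
    """client_reply_type: handshake type of the client's next message after the
    server's flight, or None if it sent an alert or closed (hypothetical input)."""
    chosen = selected_suite(server_hello)
    if chosen not in RSA_EXPORT_SUITES:
        return "not-tested"                # ServerHello did not select an export suite
    if chosen in offered_suites(client_hello):
        return "client-offers-export"      # a weakness, but not a downgrade
    if client_reply_type == CLIENT_KEY_EXCHANGE:
        return "accepts-unoffered-export"  # continued instead of aborting
    return "rejected"

def sample_hello(msg_type, tail):
    """Constructed sample builder: TLS 1.0, all-zero random, empty session_id."""
    body = b"\x03\x01" + bytes(32) + b"\x00" + tail
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

# Constructed samples: client offers 0x002f and 0x0035 only; ServerHello picks 0x0003.
SAMPLE_CH = sample_hello(CLIENT_HELLO, b"\x00\x04\x00\x2f\x00\x35\x01\x00")
SAMPLE_SH = sample_hello(SERVER_HELLO, b"\x00\x03\x00")
```
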
