| FREAK attack | |
|---|---|
| Name | FREAK attack (Factoring RSA Export Keys) |
| Type | cryptographic downgrade attack (TLS cipher suite and key exchange downgrade) |
| Identifiers | CVE-2015-0204 (OpenSSL), CVE-2015-1637 (Microsoft Schannel), CVE-2015-1067 (Apple Secure Transport) |
| Discovered | publicly disclosed 3 March 2015 |
| Affected | TLS clients that accepted an RSA_EXPORT ServerKeyExchange in a non-export cipher suite (OpenSSL before 1.0.1k, Apple Secure Transport, Microsoft Schannel, the stock Android browser and software built on them), in combination with servers that still offered RSA_EXPORT cipher suites |
| Mitigated | OpenSSL 1.0.1k (January 2015); Apple and Microsoft patches in March 2015; export cipher suites disabled on servers through 2015 |
The FREAK attack (Factoring RSA Export Keys) was a cryptographic downgrade vulnerability in Transport Layer Security (TLS) and Secure Sockets Layer (SSL) implementations. A man-in-the-middle could force a server that still offered export-grade RSA cipher suites to send a 512-bit temporary RSA key, and a client-side state-machine bug made vulnerable clients accept that key even though they believed they had negotiated an ordinary, non-export cipher suite. Factoring the 512-bit key, which in 2015 took a few hours and roughly 100 US dollars of Amazon EC2 time, gave the attacker the session keys and with them the ability to read and modify the connection and to impersonate the server. Disclosed on 3 March 2015 by the miTLS team at INRIA and Microsoft Research together with IMDEA Software Institute, it affected OpenSSL, Apple's Secure Transport, Microsoft's Schannel and the browsers and applications built on them, and an Internet-wide scan at disclosure found RSA_EXPORT suites still enabled on more than a third of HTTPS servers with browser-trusted certificates. The vulnerability was a direct legacy of 1990s United States cryptography export controls.
The weak suites exist because of United States export controls. Until the late 1990s cryptographic software exported from the US was limited, first under the ITAR regime administered by the Department of State and from 1996 under the Department of Commerce's Export Administration Regulations, to roughly 40-bit symmetric keys and 512-bit RSA. Vendors such as Netscape Communications Corporation and Microsoft Corporation therefore shipped "export" versions of their browsers and servers, and SSL 3.0 and TLS 1.0 (RFC 2246, from the IETF TLS Working Group) standardised RSA_EXPORT cipher suites: when such a suite is negotiated, a server whose certificate key is longer than 512 bits sends a temporary RSA key of at most 512 bits in a ServerKeyExchange message, signed with the certificate key, and the client encrypts the premaster secret to that temporary key. The controls were relaxed substantially in 2000, but the suites remained in OpenSSL, GnuTLS, Bouncy Castle, Schannel and Secure Transport for interoperability, still compiled in and in many cases still enabled in default server configurations fifteen years later.
At the protocol level FREAK combines two weaknesses. The first is on the server: any server that still offers an RSA_EXPORT cipher suite (TLS_RSA_EXPORT_WITH_RC4_40_MD5, TLS_RSA_EXPORT_WITH_DES40_CBC_SHA and their relatives) will, when a ClientHello lists only such suites, reply with a 512-bit temporary RSA key in ServerKeyExchange; many servers, Apache with mod_ssl typically among them, generated that temporary key once at startup and reused it across connections, so factoring it once paid off for every later session. The second is a client state-machine bug: OpenSSL before 1.0.1k (CVE-2015-0204), Apple Secure Transport (CVE-2015-1067), Microsoft Schannel (CVE-2015-1637) and stacks built on them accepted an RSA_EXPORT ServerKeyExchange while in a non-export RSA suite, and used the temporary key to encrypt the premaster secret. The attack chains the two. A man-in-the-middle rewrites the client's cipher suite list to export-only suites; the server answers with an export suite and the signed 512-bit key; the attacker rewrites the ServerHello to name the strong suite the client originally asked for and forwards the ServerKeyExchange unchanged, which works because the ServerKeyExchange signature covers the two nonces and the key parameters but not the negotiated cipher suite. The client verifies the signature, wrongly accepts the temporary key, and encrypts the premaster secret to it. The attacker factors the 512-bit modulus (Nadia Heninger demonstrated this in about seven hours for roughly 100 US dollars on Amazon EC2), decrypts the premaster secret, derives the master secret and, knowing it, forges the Finished messages in both directions so that the mismatched handshake transcripts on the two sides go unnoticed. The root causes were the interoperability code paths for export suites kept in OpenSSL, Secure Transport, Schannel and other stacks, and the fact that the TLS 1.0 to 1.2 handshake authenticates its transcript only through Finished messages, which an attacker holding the master secret can forge. NSS, used by Firefox, did not have the client bug.
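The exchange above, played out in code as an added example (this is not code from the page or from the miTLS researchers). It models a server that still offers an RSA_EXPORT suite, a MITM that rewrites ClientHello and ServerHello, and a client whose `buggy` flag reproduces the state-machine flaw; all names (`run_freak`, `server_respond`, `client_key_exchange`, `ske_params`) are mine, the key sizes are toy ones (64-bit certificate key, 40-bit temporary key) so that the factoring step runs instantly, and RSA is used raw without PKCS#1 padding. The signed ServerKeyExchange survives the MITM's edit to the ServerHello because, as in real TLS, the signature does not cover the cipher suite.

```python
import hashlib
import math
import random

RSA_EXPORT_SUITE = "TLS_RSA_EXPORT_WITH_RC4_40_MD5"  # server sends a temporary 512-bit key
STRONG_SUITE = "TLS_RSA_WITH_AES_128_CBC_SHA"       # the suite the client actually offered

def is_prime(n):
    """Deterministic Miller-Rabin for n < 3.4e14; enough for the toy key sizes used here."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in (2, 3, 5, 7, 11, 13, 17):
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_rsa(bits, rng):
    """Toy RSA keypair ((n, e), (n, d)); far below real sizes so factoring is instant."""
    half = bits // 2
    while True:
        p = rng.getrandbits(half) | (1 << (half - 1)) | 1
        q = rng.getrandbits(half) | (1 << (half - 1)) | 1
        phi = (p - 1) * (q - 1)
        if p != q and is_prime(p) and is_prime(q) and math.gcd(65537, phi) == 1:
            return (p * q, 65537), (p * q, pow(65537, -1, phi))

def h_mod(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n
def rsa_sign(priv, data):
    return pow(h_mod(data, priv[0]), priv[1], priv[0])
def rsa_verify(pub, data, sig):
    return pow(sig, pub[1], pub[0]) == h_mod(data, pub[0])

def factor(n):
    """Trial division; stands in for the number-field-sieve run against a 512-bit modulus."""
    f = 3
    while n % f:
        f += 2
    return f

def ske_params(hello, msgs, tmp_pub):
    # TLS signs client_random || server_random || ServerRSAParams. The negotiated cipher
    # suite is not covered, which is why the MITM can rewrite it in ServerHello unnoticed.
    return f"{hello['client_random']}|{msgs['server_random']}|{tmp_pub}".encode()

def server_respond(hello, server, rng):
    """Server takes the first offered suite it supports; an export suite adds ServerKeyExchange."""
    chosen = next((s for s in hello["suites"] if s in server["suites"]), None)
    if chosen is None:
        raise ValueError("handshake_failure")
    msgs = {"suite": chosen, "server_random": rng.getrandbits(32), "cert": server["pub"]}
    if chosen == RSA_EXPORT_SUITE:
        tmp_pub = server["export_key"][0]  # vulnerable servers reused this key across connections
        msgs["ske"] = {"pub": tmp_pub, "sig": rsa_sign(server["priv"], ske_params(hello, msgs, tmp_pub))}
    return msgs

def client_key_exchange(hello, msgs, rng, buggy):
    """Returns (premaster, encrypted premaster); `buggy` reproduces the FREAK client flaw."""
    enc_key = msgs["cert"]
    if "ske" in msgs:
        ske = msgs["ske"]
        if not rsa_verify(msgs["cert"], ske_params(hello, msgs, ske["pub"]), ske["sig"]):
            raise ValueError("bad signature on ServerKeyExchange")
        if msgs["suite"] != RSA_EXPORT_SUITE and not buggy:
            raise ValueError("unexpected ServerKeyExchange in non-export RSA suite")
        enc_key = ske["pub"]  # the flaw: temp key accepted although a strong suite was negotiated
    n, e = enc_key
    premaster = rng.randrange(2, n)  # toy: raw RSA without PKCS#1 padding
    return premaster, pow(premaster, e, n)

def run_freak(buggy_client, seed=1):
    rng = random.Random(seed)
    server = {"suites": [STRONG_SUITE, RSA_EXPORT_SUITE]}
    server["pub"], server["priv"] = gen_rsa(64, rng)  # stands in for the 2048-bit certificate key
    server["export_key"] = gen_rsa(40, rng)            # stands in for the 512-bit export key
    hello = {"suites": [STRONG_SUITE], "client_random": rng.getrandbits(32)}
    # MITM step 1: the server only ever sees an export-only ClientHello.
    msgs = server_respond({**hello, "suites": [RSA_EXPORT_SUITE]}, server, rng)
    # MITM step 2: the client sees the suite it asked for; ServerKeyExchange passes through intact.
    try:
        premaster, ct = client_key_exchange(hello, {**msgs, "suite": STRONG_SUITE}, rng, buggy_client)
    except ValueError as err:
        return f"client aborted: {err}"
    # MITM step 3: factor the temp key and decrypt the premaster secret. With the derived master
    # secret the attacker also forges both Finished messages, hiding the transcript mismatch.
    n, e = msgs["ske"]["pub"]
    p = factor(n)
    d = pow(e, -1, (p - 1) * (n // p - 1))
    return "downgraded: MITM recovered the premaster secret" if pow(ct, d, n) == premaster else "failed"
```

`run_freak(buggy_client=True)` reaches step 3 and recovers the premaster secret; `run_freak(buggy_client=False)` stops at the check that patched OpenSSL 1.0.1k added, rejecting the ServerKeyExchange because the negotiated suite is not an export suite. Note that the server side never notices anything: from its point of view it served a legitimate export-suite handshake.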
Exploitation required an active man-in-the-middle position, which is available on open Wi-Fi networks, through a compromised home or office router, or to anyone controlling a hop on the path, including network operators and state actors. At disclosure the Internet-wide scan run by the University of Michigan's ZMap team found RSA_EXPORT suites enabled on about 36% of HTTPS servers with browser-trusted certificates; affected hosts included United States government sites such as nsa.gov and fbi.gov and many sites fronted by content delivery networks whose edge configuration still listed export suites, notably Akamai, which disabled them after the announcement. On the client side Safari on iOS and OS X, Internet Explorer, the stock Android browser, Chrome on Android and Mac OS X, the BlackBerry browser, and command-line tools and applications linked against vulnerable OpenSSL were exposed. The impact was full compromise of an affected session: decryption of HTTPS traffic, impersonation of the server, injection of content or scripts into pages, and theft of credentials and session cookies. OpenSSL had quietly fixed its client bug in January 2015; Apple and Microsoft shipped fixes within a week of the March announcement, and CERT/CC and national CERTs relayed the vendor advisories.
Mitigation is straightforward on both sides: remove export cipher suites from servers and fix the client state machines. On the server, an OpenSSL-style cipher string such as `HIGH:!aNULL:!EXPORT:!RC4` (set with `ssl_ciphers` in nginx or `SSLCipherSuite` in Apache httpd) excludes every RSA_EXPORT suite, and on Windows the export suites are removed from the Schannel cipher suite order through Group Policy. On the client, OpenSSL 1.0.1k and the matching 1.0.0p and 0.9.8zd releases (January 2015) reject an RSA_EXPORT ServerKeyExchange in a non-export suite, Apple shipped iOS 8.2 and Security Update 2015-002 on 9 March 2015, Microsoft released MS15-031 on 10 March 2015, and Linux and BSD distributions (Debian, Ubuntu, Red Hat and CentOS, FreeBSD) backported the OpenSSL fix, which also covered libcurl, Python's ssl module and everything else linked against the system library. Subsequent OpenSSL 1.0.x releases disabled the export suites by default and OpenSSL 1.1.0 removed them entirely. NIST SP 800-52 already required that export suites not be used; the attack turned that guidance, and the Mozilla and Qualys server configuration recommendations, into something administrators actually enforced. Certificate authorities had no role in the fix, since the attack does not touch certificate validation.
Detection on the server side means asking whether the server will negotiate an RSA_EXPORT suite. The quickest manual check, with an OpenSSL build that still contains the export ciphers, is `openssl s_client -connect host:443 -cipher EXPORT`; Nmap's `ssl-enum-ciphers` script, sslscan and testssl.sh enumerate every suite a server accepts, the Qualys SSL Labs server test added an explicit FREAK check, and the researchers' site freakattack.com offered a browser check for the client bug and tracked the share of vulnerable servers using the University of Michigan scan data. Client-side detection means connecting the client to a test server that sends an unexpected RSA_EXPORT ServerKeyExchange and seeing whether it aborts. Incident responders looked for negotiated export suites in server logs that record the cipher (nginx's `$ssl_cipher` variable, Apache httpd's `%{SSL_CIPHER}x` log format item) and in Wireshark captures of ServerHello messages, and shared detection scripts and proofs of concept on GitHub and the IETF TLS mailing list. Disclosure was coordinated through CERT/CC and the vendors' security teams.
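The server-side check, as an added example of the detection logic the tools above implement (this is my code, not the page's or any of the named projects'; the function names are mine). It builds a ClientHello that offers only the three RSA_EXPORT suites defined in SSL 3.0 and RFC 2246, plus a server_name extension, and classifies the first record the server returns: a ServerHello selecting an export suite means the server half of the FREAK precondition holds, a handshake_failure alert means it does not, and anything else (a protocol_version alert from a TLS 1.3-only host, for instance) is reported as inconclusive rather than as a clean bill of health. `encode_server_hello` exists only so the classifier can be exercised offline; `probe` does the live connection.

```python
import os
import socket
import struct

# RSA_EXPORT suites from SSL 3.0 / RFC 2246: a FREAK-capable server accepts one of these.
EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}
HANDSHAKE, ALERT, SERVER_HELLO = 0x16, 0x15, 0x02
HANDSHAKE_FAILURE, PROTOCOL_VERSION = 40, 70

def build_client_hello(host, suites=tuple(EXPORT_SUITES), client_random=None, version=b"\x03\x03"):
    """ClientHello record offering only `suites`, with a server_name (SNI) extension for `host`."""
    client_random = client_random or os.urandom(32)
    name = host.encode("idna")
    sni_entry = b"\x00" + struct.pack("!H", len(name)) + name        # name_type host_name (0)
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    ext = struct.pack("!HH", 0x0000, len(sni_list)) + sni_list        # extension type server_name
    extensions = struct.pack("!H", len(ext)) + ext
    suite_bytes = b"".join(struct.pack("!H", s) for s in suites)
    body = (version + client_random + b"\x00"                         # version, random, empty session id
            + struct.pack("!H", len(suite_bytes)) + suite_bytes
            + b"\x01\x00" + extensions)                               # null compression only
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body         # HandshakeType client_hello
    return bytes([HANDSHAKE, 0x03, 0x01]) + struct.pack("!H", len(handshake)) + handshake

def encode_server_hello(suite, session_id=b"", version=b"\x03\x03"):
    """Minimal ServerHello record, used here only to test the classifier offline."""
    body = version + bytes(32) + bytes([len(session_id)]) + session_id + struct.pack("!H", suite) + b"\x00"
    handshake = bytes([SERVER_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE]) + version + struct.pack("!H", len(handshake)) + handshake

def classify_response(data):
    """Verdict for the first TLS record a server sent back to the export-only ClientHello."""
    if len(data) < 7:
        return "inconclusive: no or truncated response"
    ctype = data[0]
    if ctype == ALERT:
        level, desc = data[5], data[6]
        if desc == HANDSHAKE_FAILURE:
            return "not vulnerable: handshake_failure (no RSA_EXPORT suite accepted)"
        if desc == PROTOCOL_VERSION:
            return "inconclusive: protocol_version alert (retry with version=b'\\x03\\x01')"
        return f"inconclusive: alert level={level} description={desc}"
    if ctype == HANDSHAKE and data[5] == SERVER_HELLO:
        if len(data) < 44:
            return "inconclusive: truncated ServerHello"
        off = 44 + data[43]   # record hdr 5 + handshake hdr 4 + version 2 + random 32 + sid_len 1 + sid
        if len(data) < off + 2:
            return "inconclusive: truncated ServerHello"
        suite = struct.unpack("!H", data[off:off + 2])[0]
        if suite in EXPORT_SUITES:
            return f"VULNERABLE: server negotiated {EXPORT_SUITES[suite]} (0x{suite:04x})"
        return f"not vulnerable: server picked 0x{suite:04x}, which was not offered (misbehaving server)"
    return f"inconclusive: unexpected record type 0x{ctype:02x}"

def probe(host, port=443, timeout=5.0, version=b"\x03\x03"):
    """Sends the export-only ClientHello to a live server and classifies the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello(host, version=version))
        data = sock.recv(4096)
    return classify_response(data)

if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1]) if len(sys.argv) > 1 else classify_response(encode_server_hello(0x0003)))
```

Run it with a hostname you are authorised to test; without an argument it classifies the constructed ServerHello and prints a VULNERABLE verdict. A VULNERABLE result does not by itself mean a given client can be attacked (that needs the client bug as well), but a server that negotiates export suites should be fixed regardless, by rerunning the probe after setting a cipher string that excludes `EXPORT`. A "not vulnerable" verdict only covers the RSA_EXPORT suites listed here; the DHE_EXPORT suites behind the later Logjam attack need a separate offer.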
The vulnerability was found by the miTLS team (Karthikeyan Bhargavan, Antoine Delignat-Lavaud and colleagues at INRIA Paris, Cédric Fournet at Microsoft Research, and collaborators at IMDEA Software Institute) while testing real TLS implementations against a verified model of the protocol state machine. It was announced on 3 March 2015 together with the related SMACK family of state-machine attacks, and the full analysis appeared as "A Messy State of the Union: Taming the Composite State Machines of TLS" at the 2015 IEEE Symposium on Security and Privacy. Nadia Heninger at the University of Pennsylvania carried out the 512-bit factoring on Amazon EC2, Matthew Green at Johns Hopkins University documented the attack, and the University of Michigan team measured server exposure. The Washington Post broke the story and Ars Technica, Wired and others covered it; it was discussed at IETF meetings and at security conferences through 2015. FREAK, followed two months later by the Logjam attack on the analogous DHE_EXPORT suites, led vendors to remove export suites outright, pushed browsers to reject small RSA and Diffie-Hellman parameters, and fed into the TLS 1.3 design, which drops RSA key exchange and export suites entirely and signs the full handshake transcript so that a cipher suite or key exchange downgrade is detected before any application data flows. TLS_FALLBACK_SCSV, which addresses client-initiated protocol version fallback, does not stop FREAK and is sometimes wrongly cited as a mitigation for it.
Category:Cryptographic attacks