[Infowarrior] - FREAK: How government security worries got us into this mess

Richard Forno rforno at infowarrior.org
Thu Mar 19 06:50:17 CDT 2015


FREAK: How government security worries got us into this mess

Analysis: Cheers guys
By Dave Neal
Thu Mar 19 2015, 08:25       

http://www.theinquirer.net/inquirer/feature/2400375/freak-how-government-security-worries-got-us-into-this-mess          

FREAK, THE ELDERLY OpenSSL problem that has set insecurity firms alight over the past couple of weeks, continues to make headlines, but why? What on earth caused this terrible mess?

We say 'terrible mess' because it has led to warnings about millions of vulnerable websites, people and equipment, and apologies from firms. We say 'terrible mess' in particular because FREAK is an issue that has effectively been caused by a government that was looking to downgrade overseas security for its own nefarious surveillance-related ends.

This is exactly the kind of activity that keeps citizens and rights groups awake at night, and the fact that a 20-something-year-old decision is having repercussions now is hard for some to swallow.

In order to understand why FREAK is a problem, we are going to have to go back in time. It is the 1990s, so break out your mixtape of Avril Lavigne and Nickelback and remember a time when people talked about Netscape and when the US government was concerned about the quality of RSA encryption and its adoption by johnny foreigner types.

At that time the US government was worried about other countries enjoying the same benefits as its citizens, and decided to do something about it. The US cryptography export regulations created then have led to a situation where now, in 2015, we are worried about the integrity of the internet.

The repercussions of a decision in 1992 to have a US edition of Netscape with 1024-bit RSA public keys in combination with 128-bit symmetric keys, and an international version with 512 bits and 40 bits, are being felt today because the weakened encryption system limped on and made its way into modern technology through a sort of software osmosis.

We learned this month that it lurks within official government websites and on software and systems from firms including Microsoft, BlackBerry, Apple and Google.

Matthew Green, cryptographer and research professor at Johns Hopkins University, said that the US decision to limit overseas encryption was 'dumb'.

"Back in the early 1990s when SSL was first invented at Netscape Corporation, the United States maintained a rigorous regime of export controls for encryption systems. In order to distribute crypto outside of the US, companies were required to deliberately 'weaken' the strength of encryption keys. For RSA encryption, this implied a maximum allowed key length of 512 bits," he said.

"The 512-bit export grade encryption was a compromise between dumb and dumber. In theory it was designed to ensure that the NSA would have the ability to 'access' communications, while allegedly providing crypto that was still 'good enough' for commercial use. Or if you prefer modern terms, think of it as the original 'golden master key'."

Researchers from Royal Holloway, University of London, published the results of studies into the impact of FREAK on IPv4 servers this week and revealed that a significant number are still ripe for exploitation (PDF).

Researchers Martin R. Albrecht, Davide Papini, Kenneth G. Paterson, and Ricardo Villanueva-Polanco showed how simple it is to crack a system and save big bucks as a result.

"We found that only 9.7 percent of servers now support such export-grade RSA keys. However, we also found that some keys are repeated with high frequency, making each of them an attractive target for a direct factoring attack," they wrote, explaining that they saved some $9,000 in cloud computing costs through a simple computation and a $100 investment.

They added that they "consider this to be a good return on investment for a Friday afternoon's work". As would, we assume, any hacker.

While exploiting FREAK is easier said than done, the flaw's very existence should anger anyone who has heard calls from governments, abroad and at home, for a weakening of encryption and security.

There is a lot to worry about. This year, the Electronic Frontier Foundation urged consumers to wise up to the risk of government surveillance, and warned about another potential historical threat, specifically the controversial Executive Order 12333 surveillance law that was passed in 1981 and still needs tackling.

"Most people haven't even heard of it, but Executive Order 12333 is the primary authority the NSA uses to engage in the surveillance of people outside the US," it said.

"President Obama could undo the worst parts of this executive order just as easily, by issuing a presidential order banning mass surveillance of people regardless of their nationality."

Meanwhile, prime minister David Cameron has hinted that a future Conservative government would seek to ban encryption because of the threat of terrorism.

"I think we cannot allow modern forms of communication to be exempt from the ability, in extremis, with a warrant signed by the home secretary, to be exempt from being listened to. That is my very clear view and if I am prime minister after the next election I will make sure we legislate accordingly," he said.

"Obviously we are in a coalition. We have made progress on this issue by passing the new law which makes sure we protect some of the abilities we have to stop terrorists."

In response to these comments, Jim Killock, executive director of the Open Rights Group, said, "Cameron's plans appear dangerous, ill-thought out and scary... Having the power to undermine encryption will have consequences for everyone's personal security."

Hopefully more enlightened lawmakers are listening, because as the venerable security expert Bruce Schneier put it, nothing is going to change unless governments do.

"The weak algorithms are still there, and can be exploited by attackers. This is the generic problem with government-mandated backdoors, key escrow, golden keys, or whatever you want to call them," he wrote.

"We don't know how to design a third-party access system that checks for morality; once we build in such access, we then have to ensure that only the good guys can do it. And we can't." µ


---
Just because I'm near the punchbowl doesn't mean I'm also drinking from it.


