‘FREAK’ — New SSL/TLS Vulnerability Explained

In the client's Hello message, it asks for a standard 'RSA' ciphersuite.
The MITM attacker changes this message to ask for 'export RSA'.
The server responds with a 512-bit export RSA key, signed with its long-term key.
The client accepts this weak key due to the OpenSSL/Secure Transport bug.
The attacker factors the RSA modulus to recover the corresponding RSA decryption key.
When the client encrypts the 'pre-master secret' to the server, the attacker can now decrypt it to recover the TLS 'master secret'.
From here on out, the attacker sees plain text and can inject anything it wants.

SSL FREAK Check CVE-2015-0204 檢查站台是否中標

Related posts 相關文章
用 DNSSEC 是為了安全,但如果憑證過期了怎麼辦
More...
使用 dehydrated 安裝 Let’s Encrypt SSL 憑證
More...
使用 certbot 安裝 Let’s Encrypt SSL 憑證
More...
安裝 Let’s Encrypt SSL 憑證的工具
More...

作者

留言

撰寫回覆或留言

發佈留言必須填寫的電子郵件地址不會公開。