https://www.smacktls.com/#freak
"Among the various state machine problems we found, one is particularly interesting because it leads to a server impersonation exploit against several mainstream browsers (including Safari and OpenSSL-based browsers on Android). This attack targets a class of deliberately weak export cipher suites. As the name implies, this class of algorithms was introduced under pressure from US government agencies to ensure that the NSA would be able to decrypt all foreign encrypted communication, while stronger algorithms were banned from export (as they were classified as weapons of war). Support for these weak algorithms has remained in many implementations such as OpenSSL, even though they are typically disabled by default; however, we discovered that several implementations incorrectly allow the message sequence of export ciphersuites to be used even if a non-export ciphersuite was negotiated."

Comments by:

Matthew Green: http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html

Ed Felten: https://freedom-to-tinker.com/blog/felten/freak-attack-the-chickens-of-90s-crypto-restriction-come-home-to-roost/

rob

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List
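Added here as an illustration of the state-machine flaw the quoted paragraph describes; this is not code from smacktls.com, from the researchers, or from the list poster. It is a toy Python model of a TLS 1.x client handshake: the two cipher suite names are real IANA names, but the keys are labelled placeholders (no RSA arithmetic is performed), the ServerKeyExchange signature check is reduced to a name comparison, and the client/server randoms that the real signature covers are omitted (the MITM relays them unchanged, which is why the honest server's signature still verifies). The `freak_vulnerable` flag and all function names are assumptions made for the example.

```python
"""Toy model of the FREAK state-machine bug (constructed example, not real TLS code)."""
from dataclasses import dataclass
from typing import Optional

# Key-exchange method per suite. A plain RSA suite never carries a ServerKeyExchange;
# an RSA_EXPORT suite carries a signed, temporary 512-bit RSA key in ServerKeyExchange.
KX = {
    "TLS_RSA_WITH_AES_128_CBC_SHA": "RSA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5": "RSA_EXPORT",
}

EXPORT_SUITE = "TLS_RSA_EXPORT_WITH_RC4_40_MD5"


class UnexpectedMessage(Exception):
    """Models the TLS unexpected_message alert a correct client must send."""


@dataclass
class Client:
    freak_vulnerable: bool               # True models the buggy implementations
    suite: Optional[str] = None
    server_cert_key: Optional[dict] = None
    encryption_key: Optional[dict] = None  # key the premaster secret is encrypted under
    state: str = "WAIT_SERVER_HELLO"

    def receive(self, msg: dict) -> None:
        kind = msg["type"]
        if self.state == "WAIT_SERVER_HELLO" and kind == "ServerHello":
            self.suite = msg["cipher_suite"]
            self.state = "WAIT_CERTIFICATE"
        elif self.state == "WAIT_CERTIFICATE" and kind == "Certificate":
            self.server_cert_key = msg["public_key"]
            self.state = "WAIT_SKE_OR_DONE"
        elif self.state == "WAIT_SKE_OR_DONE" and kind == "ServerKeyExchange":
            # Correct behaviour: after a non-export RSA suite a ServerKeyExchange
            # is simply not part of the message sequence and must be rejected.
            if KX[self.suite] != "RSA_EXPORT" and not self.freak_vulnerable:
                raise UnexpectedMessage(f"ServerKeyExchange not allowed for {self.suite}")
            # Signature check (stand-in for the real RSA signature verification).
            if msg["signed_by"] != self.server_cert_key["name"]:
                raise ValueError("ServerKeyExchange signature does not verify")
            self.encryption_key = msg["temp_key"]   # the buggy path: use the 512-bit key
            self.state = "WAIT_SERVER_HELLO_DONE"
        elif self.state in ("WAIT_SKE_OR_DONE", "WAIT_SERVER_HELLO_DONE") and kind == "ServerHelloDone":
            if self.encryption_key is None:
                self.encryption_key = self.server_cert_key   # normal RSA: encrypt to cert key
            self.state = "DONE"
        else:
            raise UnexpectedMessage(f"{kind} in state {self.state}")


def server_flight(suite: str, server_key: dict, export_key: dict) -> list:
    """Honest server that still supports export suites: for an export suite it signs a temp key."""
    flight = [
        {"type": "ServerHello", "cipher_suite": suite},
        {"type": "Certificate", "public_key": server_key},
    ]
    if KX[suite] == "RSA_EXPORT":
        flight.append({"type": "ServerKeyExchange", "temp_key": export_key,
                       "signed_by": server_key["name"]})
    flight.append({"type": "ServerHelloDone"})
    return flight


def freak_mitm_flight(client_suite: str, server_key: dict, export_key: dict) -> list:
    """MITM: requests the export suite from the server, then relays the server's genuinely
    signed ServerKeyExchange to the client under the non-export suite the client asked for."""
    relayed = server_flight(EXPORT_SUITE, server_key, export_key)
    relayed[0] = {"type": "ServerHello", "cipher_suite": client_suite}  # downgrade hidden from client
    return relayed


def run(client: Client, flight: list) -> dict:
    """Feed a server flight to the client and return the key it will encrypt the premaster to."""
    for msg in flight:
        client.receive(msg)
    return client.encryption_key


def handshake_rejected(client: Client, flight: list) -> bool:
    try:
        run(client, flight)
    except UnexpectedMessage:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample keys: the server's real 2048-bit certificate key and its 512-bit export key.
    cert_key = {"name": "server-rsa-2048", "bits": 2048}
    temp_key = {"name": "server-rsa-512-export", "bits": 512}
    suite = "TLS_RSA_WITH_AES_128_CBC_SHA"
    vulnerable = run(Client(freak_vulnerable=True), freak_mitm_flight(suite, cert_key, temp_key))
    print("vulnerable client encrypts premaster to", vulnerable["bits"], "bit key")
    print("fixed client rejects MITM flight:",
          handshake_rejected(Client(freak_vulnerable=False), freak_mitm_flight(suite, cert_key, temp_key)))
```

The point the model makes explicit: the MITM never forges anything. The server signs the 512-bit key itself because it was asked for an export suite, and the vulnerable client accepts that message because it does not enforce which messages are legal for the suite it negotiated. A client that enforces the sequence (the `not self.freak_vulnerable` branch) aborts with unexpected_message; a legitimately negotiated export suite still goes through, which is why disabling export suites on servers matters as well.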
