Microsoft products no longer vulnerable to RSA key downgrade

Mar 11, 2015 13:06 GMT

This month’s batch of updates from Microsoft includes a fix for the recently reported FREAK vulnerability, which exploits the possibility of forcing a weak encryption key onto the SSL/TLS communication between a client and a server.

Initially, it was believed that only Android and Apple products were susceptible to this type of attack, but Microsoft disclosed that Secure Channel (Schannel), its implementation of the SSL/TLS cryptographic protocols, was also affected and that all supported Windows versions were impacted.

MitM attacks could enable usage of export-grade RSA key

On Tuesday, the company released the fix that prevents exploitation of the flaw (CVE-2015-1637) on its products by an attacker in a position to intercept the secure communication exchanged between vulnerable clients and servers.

The vulnerability stems from a US policy introduced in 1990 that required products exported outside the US to use export-grade cipher suites.

These cipher suites used 512-bit RSA keys to protect the encrypted communication; today such a key can be factored in about seven hours for roughly $100 / €94 of rented cloud computing power.

Although vendors long ago stopped using the insecure encryption method, support for export-grade cryptography remained in their implementations, and an attacker able to inject packets into the secure traffic could force a downgrade to the weak RSA key and then decrypt that traffic.

Weak RSA key exchange pushed down on the priority list

Microsoft says that the current update does not disable the export ciphers on Windows Server 2003, but those systems are protected nonetheless: the weak cipher suites have been moved to a lower position in the priority list, and a downgrade of the RSA key length in a TLS connection to a Windows server is no longer accepted.
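As an added illustration (not Microsoft's, OpenSSL's or Apple's code), here are the consistency checks a TLS client needs in order to refuse the downgrade described in the two passages above: the FREAK defect was that a client which had negotiated an ordinary RSA suite still accepted a ServerKeyExchange carrying a 512-bit temporary RSA key. The cipher suite codes are the IANA values; the handshake bytes and the modulus are constructed for the example.

```python
import struct
from typing import List, Optional, Set, Tuple

# IANA cipher suite codes whose key exchange uses export-grade (512-bit) RSA.
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}
AES_SUITE = 0x002F  # TLS_RSA_WITH_AES_128_CBC_SHA, an ordinary non-export RSA suite
MIN_RSA_BITS = 1024


def parse_rsa_server_key_exchange(body: bytes) -> Tuple[int, int]:
    """Parse RSA ServerParams: <len16> modulus <len16> exponent (RFC 5246 encoding)."""
    (n_len,) = struct.unpack_from("!H", body, 0)
    modulus = int.from_bytes(body[2:2 + n_len], "big")
    (e_len,) = struct.unpack_from("!H", body, 2 + n_len)
    exponent = int.from_bytes(body[4 + n_len:4 + n_len + e_len], "big")
    return modulus, exponent


def check_server_response(offered: Set[int], chosen: int,
                          ske_body: Optional[bytes]) -> List[str]:
    """Return the reasons to abort the handshake; an empty list means it is consistent."""
    problems = []
    if chosen not in offered:
        problems.append(f"server chose suite 0x{chosen:04x} the client never offered")
    if chosen in RSA_EXPORT_SUITES:
        problems.append(f"export-grade suite negotiated: {RSA_EXPORT_SUITES[chosen]}")
    if ske_body is not None:
        # The FREAK defect: a client that negotiated plain RSA still accepted a
        # ServerKeyExchange carrying a temporary RSA key. Plain RSA has no such message.
        if chosen not in RSA_EXPORT_SUITES:
            problems.append("unexpected ServerKeyExchange for a non-export RSA suite")
        modulus, _ = parse_rsa_server_key_exchange(ske_body)
        if modulus.bit_length() < MIN_RSA_BITS:
            problems.append(f"temporary RSA key is only {modulus.bit_length()} bits")
    return problems


def build_rsa_ske(modulus: int, exponent: int = 65537) -> bytes:
    """Encode RSA ServerParams (helper used only to construct the sample message)."""
    n = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    return struct.pack("!H", len(n)) + n + struct.pack("!H", len(e)) + e


# Constructed scenario: the client offered only AES and the ServerHello it sees names
# AES, yet a 512-bit temporary RSA key arrives (an odd number with bit 511 set stands
# in for a real modulus). A patched client must refuse to encrypt with it.
WEAK_MODULUS = (1 << 511) | 0x12345
FINDINGS = check_server_response({AES_SUITE}, AES_SUITE, build_rsa_ske(WEAK_MODULUS))
```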

“The security update addresses the vulnerability by correcting the cipher suite enforcement policies that are used when server keys are exchanged between servers and client systems,” a Tuesday security bulletin from Microsoft explains.

Open-source crypto library OpenSSL and Apple’s Secure Transport were also affected by FREAK (Factoring RSA Export Keys) attacks. Apple released a patch for the flaw on Monday, while OpenSSL solved the issue back in January.