Published on March 15th, 2016 📆 | 7352 Views ⚑


Latest attack against TLS shows the pitfalls of intentionally weakening encryption

TTS Demo

Following FREAK and Logjam, DROWN is the third attack resulting from encryption algorithms that were deliberately weakened by the government

For the third time in less than a year, security researchers have found a method to attack encrypted Web communications, a direct result of weaknesses that were mandated two decades ago by the U.S. government.

These new attacks show the dangers of deliberately weakening security protocols by introducing backdoors or other access mechanisms like those that law enforcement agencies and the intelligence community are calling for today.

The field of cryptography escaped the military domain in the 1970s and reached the general public through the works of pioneers like Whitfield Diffie and Martin Hellman, and ever since, the government has tried to keep it under control and limit its usefulness in one way or another.

[adsense size='1']

One approach used throughout the 1990s was to enforce export controls on products that used encryption by limiting the key lengths, allowing the National Security Agency to easily decrypt foreign communications.

This gave birth to so-called "export-grade" encryption algorithms that have been integrated into cryptographic libraries and have survived to this day. While these algorithms are no longer used in practice, researchers found that the mere support for them in TLS (Transport Layer Security) libraries and server configurations endanger Web communications encrypted with modern standards.

In March 2015, a team of researchers from Inria in Paris and the miTLS project developed an attack dubbed FREAK. They found that if a server was willing to negotiate an RSA_EXPORT cipher suite, a man-in-the-middle attacker could trick a user's browser to use a weak export key and decrypt TLS connections between that user and the server.

In May, another team of researchers announced another attack dubbed Logjam. While similar in concept to FREAK, Logjam targeted the Diffie-Hellman (DHE) key exchange instead of RSA and affected servers that supported DHE_EXPORT ciphers.