The FREAK attack
Description
The FREAK (Factoring RSA Export Keys) attack exploits a vulnerability in SSL/TLS implementations that still support obsolete RSA export cipher suites. These export-grade cipher suites were intentionally weakened in the 1990s to comply with U.S. cryptography export restrictions and use 512-bit RSA keys, which can be factored by modern computing resources. When a server supports these weak cipher suites, an attacker performing a man-in-the-middle attack can downgrade the connection to use export-grade encryption, making the traffic vulnerable to decryption and manipulation.
Remediation
Immediately disable support for all RSA export cipher suites on your SSL/TLS servers. This includes any cipher suite containing 'EXPORT' in its name or using 512-bit RSA keys.
For Apache, edit your SSL configuration to exclude export ciphers:
SSLCipherSuite HIGH:!aNULL:!MD5:!EXP:!EXPORT:!LOW
SSLHonorCipherOrder on
For Nginx, update your ssl_ciphers directive:
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:!EXP:!EXPORT';
ssl_prefer_server_ciphers on;
After making changes, restart your web server and verify the configuration using SSL testing tools such as SSL Labs' SSL Server Test. Consult the Mozilla SSL Configuration Generator for up-to-date, secure configurations tailored to your specific server software and compatibility requirements.
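The verification step above can also be done locally, which is useful for internal hosts that SSL Labs cannot reach and for a post-change check in a deployment pipeline. The script below is an added example written for this page, not code from the original entry or from any scanning tool: it sends a raw TLS ClientHello that offers only the three RSA export cipher suites from RFC 2246 (code points 0x0003, 0x0006 and 0x0008) to a server you operate, then reports whether the server selected one of them. It assumes a TLS 1.0 client and record version (0x0301), since export suites predate TLS 1.1, and it treats an alert or a closed connection as the server refusing the suites. The host and port are placeholders for your own server.

```python
import os
import socket
import struct

# RSA export suites from RFC 2246, the ones relevant to FREAK.
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def build_client_hello(suites, version=0x0301):
    """Build a minimal TLS ClientHello record offering only `suites`.

    No extensions are included, so the message is accepted by the oldest
    servers. `version` defaults to TLS 1.0 (assumption: export suites were
    only ever negotiated with TLS 1.0 and SSLv3).
    """
    body = struct.pack("!H", version)          # client_version
    body += os.urandom(32)                      # client random
    body += b"\x00"                             # empty session_id
    suite_bytes = b"".join(struct.pack("!H", s) for s in suites)
    body += struct.pack("!H", len(suite_bytes)) + suite_bytes
    body += b"\x01\x00"                         # compression: null only
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type ClientHello
    record_hdr = b"\x16" + struct.pack("!HH", version, len(handshake))  # type Handshake
    return record_hdr + handshake

def classify_response(data):
    """Interpret the first TLS record a server sent back to the probe.

    Returns (status, detail) where status is one of:
      "vulnerable"  - server chose an RSA export suite
      "rejected"    - server answered with an alert
      "closed"      - no record came back (connection dropped)
      "unexpected"  - something else was negotiated or returned
    """
    if len(data) < 6:
        return ("closed", "no TLS record returned")
    content_type = data[0]
    if content_type == 0x15:                    # Alert
        if len(data) >= 7:
            return ("rejected", f"alert level={data[5]} description={data[6]}")
        return ("rejected", "alert")
    if content_type == 0x16 and data[5] == 0x02:  # Handshake / ServerHello
        # Layout after the 5-byte record header:
        # type(1) length(3) server_version(2) random(32) sid_len(1) sid cipher_suite(2)
        if len(data) < 46:
            return ("unexpected", "truncated ServerHello")
        sid_len = data[43]
        offset = 44 + sid_len
        if len(data) < offset + 2:
            return ("unexpected", "truncated ServerHello")
        suite = struct.unpack("!H", data[offset:offset + 2])[0]
        if suite in RSA_EXPORT_SUITES:
            return ("vulnerable", RSA_EXPORT_SUITES[suite])
        return ("unexpected", f"negotiated 0x{suite:04x}, not an export suite")
    return ("unexpected", f"record type 0x{content_type:02x}")

def probe(host, port=443, timeout=5.0):
    """Connect to host:port, offer only export suites, classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello(list(RSA_EXPORT_SUITES)))
        try:
            data = sock.recv(4096)
        except (socket.timeout, ConnectionResetError):
            data = b""
    return classify_response(data)

if __name__ == "__main__":
    # Placeholder target: replace with a server you administer.
    status, detail = probe("tls-server.example.internal", 443)
    print(f"{status}: {detail}")
```

A "rejected" or "closed" result after applying the Apache or Nginx configuration above is the expected outcome; "vulnerable" means the cipher list change did not take effect (for example, a virtual host with its own SSLCipherSuite or ssl_ciphers directive that still allows export suites). The script only checks whether the server is willing to negotiate an export suite; it does not test the client-side FREAK bug, which needs patched TLS libraries on the client.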