jspωiki
FREAK

Overview[1]#

FREAK ("Factoring RSA_EXPORT Keys") is an Exploit of a cryptographic weakness in the SSL/TLS protocols using RSA key-exchange introduced decades earlier for compliance with United States Cryptography Export-Import Laws. (Export Ciphers)

FREAK is an Exploit of the RSA key-exchange similar to the logjam which was an attack of the Diffie-Hellman key-exchange.

FREAK allows a downgrade in TLS to Export-grade Cryptography which then allows decryption

FREAK attack in OpenSSL has the CVE identifier CVE-2015-0204.

More Information#

There might be more information for this subject on one of the following:
  • [#1] - FREAK - based on information obtained 2017-06-07-