TECHNOLOGY

Outdated Encryption Keys Leave Phones Vulnerable to Hackers

By  and 
Steve Jobs with Apple computers in 1999. A  policy that forbade the export of products with strong encryption in the 1990s has left users of devices like Android and Apple phones vulnerable. Peter DaSilva for The New York Times 
SAN FRANCISCO — A government policy that forbade the export of products with strong encryption in the 1990s has years later left users of devices like Android and Apple phones vulnerable to hackers when they visit one-third of all websites, including whitehouse.gov and nsa.gov.
Researchers last month discovered millions of devices and websites were using an outdated encryption key to secure their communications. The weak key resulted from a Clinton administration mandate that software and hardware makers use weak cryptography in products exported outside the United States.
Once those restrictions were relaxed in the late 1990s, many technology makers abandoned the weak cryptography. But researchers said this week that the old keys were included in the code that is still being used in a variety of modern devices and websites.
The discovery of the old vulnerability comes as officials in the United States and Britain press the technology industry to create so-called back doors for law enforcement agencies into the new and hard-to-crack encryption used by its products. Those back doors, industry officials argue, can just as well be used by hackers to intercept communications and pose an unnecessary risk to customers.
“When computer scientists say you can’t build a crypto back door without weak encryption for everyone, this is exactly what we’re worried about,” said J. Alex Halderman, assistant professor of computer science and engineering at the University of Michigan.
The debate over encryption — touched off by Edward J. Snowden’s disclosures of the nation’s efforts to crack and circumvent such protections — has intensified over the last year as technology companies added stronger security that would lock out government agencies.
The National Security Agency and the F.B.I. have urged tech companies to keep a back door open through their security technology for law enforcement agencies. And David Cameron, the British prime minister, has threatened to outlaw encrypted apps like Facebook’s WhatsApp messaging service.
But many tech companies have repeatedly said they have no intentions of changing what they’re doing, as Timothy D. CookApple’s chief executive, signaled in a speech last month at Stanford.
“If those of us in positions of responsibility fail to do everything in our power to protect the right of privacy, we risk something far more valuable than money — we risk our way of life,” Mr. Cook told an audience of White House officials, executives and cybersecurity experts. “Fortunately, technology gives us the tools to avoid these risks, and it’s my sincere hope that by using them and by working together, we will.”
There is no indication that hackers have exploited the newly discovered flaw, and technology companies say they are working to fix the problem.
Apple said on Wednesday it would patch the vulnerability through software updates for its mobile operating system, iOS, and its Macintosh operating system, OS X, next week. Google said it had developed a patch to protect Android connections to websites and provided the patch to Android manufacturers. BlackBerry and Amazon, whose products are also affected by the flaw, did not immediately respond to requests for comment.
Researchers are updating a list of vulnerable websites and services on their website, Freakattack.com, and pushing site administrators, device manufacturers and users to upgrade their software. More than a third of the 14 million websites scanned by researchers at the University of Michigan are still vulnerable.
Security researchers are calling the vulnerability Freak — short for factoring attack on RSA export keys — because it can be used to crack a 512-bit encryption key in seven hours, using Amazon’s readily available cloud computer service, at a nominal cost of $100 per website. A 512-bit key was the strongest allowed for export at the time. Today, that is considered inadequate.
After researchers from Microsoft and Inria, the French computer science lab, discovered the vulnerability last month, Matthew D. Green, a cryptography researcher at Johns Hopkins University, warned the researchers that it could be more widespread or dangerous than they had thought.
Soon after, the researchers discovered that roughly 36 percent of online servers were vulnerable. Mr. Green alerted the affected technology companies.
Mr. Green said the vulnerability demonstrated the risk inherent in weakening encryption in order to allow law enforcement agencies access to secured communications.
The flaw is the fourth major — and old — security issue to be discovered hidden in a variety of tech products. Critics say that part of the problem is that there are not enough people paid to test and monitor the security of widely used Internet systems. Also, the Internet consists of a lot of moving parts with different people responsible for software, servers, bugs and more — and they often do not communicate.
“Nobody was kind of looking down to see how all these different issues fit together,” Mr. Green said.