google / nogotofail

An on-path blackbox network traffic security testing tool
Apache License 2.0

Detection of the FREAK vulnerability #97

Open mkenne11 opened 8 years ago

mkenne11 commented 8 years ago

As a learning exercise I am considering writing a data handler to detect the FREAK vulnerability: http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html

Do you think this is worth adding to ngtf?

My understanding is for the vulnerability to exist two issues need to be present:

  1. the server needs to accept RSA export ciphers, and
  2. a vulnerability in the (mobile app) TLS library allowing secure RSA ciphers to be downgraded to export grade.

I see ngtf already checks for issue 1 (export ciphers on the server) though.

mkenne11 commented 8 years ago

BTW, when performing a MITM I wouldn't try to complete the attack - factoring the 512-bit key wouldn't be feasible on most hardware.

I would try returning an export-grade cipher in the server hello request, and if the client accepts it, terminate the TLS connection process.
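The client-side condition behind the check proposed in the last comment, as an added Python example that is not part of the thread and not nogotofail code: given a ClientHello and a ServerHello, it reports whether the server selected an RSA export suite the client never offered, which is the point at which a correct client has to abort. The function names are hypothetical, the inputs are assumed to be raw handshake messages with the record header already stripped, and only the three RSA export suites from RFC 2246 are listed.

```python
import struct

# RSA export suites defined in RFC 2246 (TLS 1.0), by IANA id.
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def suites_offset(msg, msg_type):
    """Check the handshake header; return the offset just past
    version(2) + random(32) + session_id."""
    if len(msg) < 39 or msg[0] != msg_type:
        raise ValueError("not the expected hello message")
    if int.from_bytes(msg[1:4], "big") != len(msg) - 4:
        raise ValueError("handshake length mismatch")
    return 4 + 2 + 32 + 1 + msg[38]  # msg[38] is the session_id length

def offered_suites(client_hello):
    off = suites_offset(client_hello, 1)  # 1 = ClientHello
    (n,) = struct.unpack_from(">H", client_hello, off)
    if n % 2 or off + 2 + n > len(client_hello):
        raise ValueError("bad cipher_suites length")
    return list(struct.unpack_from(">%dH" % (n // 2), client_hello, off + 2))

def selected_suite(server_hello):
    off = suites_offset(server_hello, 2)  # 2 = ServerHello
    return struct.unpack_from(">H", server_hello, off)[0]

def export_downgrade_verdict(client_hello, server_hello):
    """Classify a hello pair the way a correct client should treat it."""
    offered = offered_suites(client_hello)
    chosen = selected_suite(server_hello)
    if chosen not in RSA_EXPORT_SUITES:
        return "ok"
    if chosen in offered:
        return "export-offered"  # the client itself asked for export RSA
    return "must-abort"  # suite was never offered: client must end the handshake

def build_hello(msg_type, tail):
    """Build a constructed hello: TLS 1.0, zero random, empty session_id."""
    body = b"\x03\x01" + bytes(32) + b"\x00" + tail
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

# Constructed samples (not captured traffic).
SAMPLE_CH = build_hello(1, b"\x00\x04\x00\x2f\x00\x35\x01\x00")  # offers 0x002f, 0x0035
SAMPLE_SH_EXPORT = build_hello(2, b"\x00\x03\x00")  # selects 0x0003
SAMPLE_SH_AES = build_hello(2, b"\x00\x2f\x00")  # selects 0x002f
```

A client that keeps going after a "must-abort" pair is the behaviour the proposed handler would flag; "export-offered" points at the client's own cipher list instead.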