A U.S. government plan to weaken encryption products used in other countries has returned to imperil millions of American Internet users.

Major retailers and financial institutions are among the millions of entities the websites of which contain a major security flaw, dubbed “FREAK,” that has remained unreported for more than a decade. Companies are scrambling to patch the vulnerability, which researchers say can be easily exploited to obtain passwords and other sensitive information.

The flaw is the result of a U.S. policy devised in the 1990s that for many years prohibited the export of strong encryption, instead requiring companies to provide only weaker “export-grade” encryption in foreign countries.

The restrictions were eventually lifted and haven’t been imposed for more than a decade, but the weaker encryption is now widely used in international software environments, and as that software has migrated back to the U.S., millions of American consumers have been compromised.

Restrictions on exported encryption software were part of an effort by the U.S. government to ensure that its intelligence agencies could intercept and decrypt foreign communications. At the time, cryptography was classified as a “munition” and considered military technology. Ironically, the websites of the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the White House are among those vulnerable to exploitation as a result of substandard encryption software.

“The export-grade RSA ciphers are the remains of a 1980s-vintage effort to weaken cryptography so that intelligence agencies would be able to monitor foreign traffic,” Matthew Green, a research professor at Johns Hopkins University who helped reveal FREAK, said in a blog post. “This was done badly. So badly, that while the policies were ultimately scrapped, they’re still hurting us today.”

The moral, according to Green, is simple: “Encryption backdoors will always turn around and bite you in the ass. They are never worth it.”

“Support for these weak algorithms has remained in many implementations such as OpenSSL, even though they are typically disabled by default,” wrote the team, called SMACK (State Machine AttCKS), that discovered the flaw. The team includes cryptographers from France, the European Union, and Microsoft Research.

FREAK affects the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols used to encrypt traffic between “secured” websites and a browser. While a browser may rely on strong encryption by default, the researchers said that it was possible for an attacker to trick the client into downgrading to the weaker, exported version.

More than 5 million Web sites remain vulnerable to FREAK, University of Michigan computer-science researchers told the Washington Post.

After the disclosure, SMACK launched a website, FreakAttack.com, to help distribute information about the servers affected. One of the largest such websites belongs to American Express. Bloomberg, Business Insider, and NPR are just a few of the news organizations compromised. Many retailers, such as JCPenny, J.Crew and Forever 21, are also listed.

According to SMACK, Chrome and Firefox users, while still at risk, are less likely to be affected. Apple is currently in the process of rolling out a patch for Safari, a company spokesperson said. Google is reportedly doing the same for the Android operating system’s default browser.

The FREAK flaw is likely to create an issue for U.S. intelligence officials, who have been adamant in recent months that tech companies—including smartphone makers and software vendors—install “backdoors” in their products to make law enforcement’s job easier. Many private companies have been critical of this idea, noting that a government backdoor is really a universal backdoor provided a hacker can locate it.

Security experts and international relations analysts have noted that, if companies offer the U.S. government such a backdoor, they may be forced to offer the same arrangement to other foreign powers, like China, in order to enter those markets.

“This flaw is a reminder that security is above all a business,” said Jeffrey Carr, head of the web security firm Taia Global, “and that if a company must choose between hardened security and bypassing export laws, for example, they’ll opt for weakened security in a heartbeat.”

Carr added, “It’s also a reminder of what the federal government is expecting businesses to do to accommodate their own demand for weakened security. You have to wonder who in the business community or the government will stand up for privacy?”

Photo by Adam Foster/Flickr (CC BY 2.0)