Wednesday, 23 January, 2019

A "serious" flaw has been found in PGP and S/MIME email encryption

Computer encryption A "serious" flaw has been found in PGP and S/MIME email encryption
Theresa Hayes | 14 May, 2018, 18:14

They've discovered a critical vulnerability dubbed EFAIL that could allow an attacker to view the contents of encrypted messages in plaintext, including emails that have been sent in the past.

He said the vulnerabilities "might reveal the plaintext of encrypted emails, including encrypted emails sent in the past" and that there are no current fixes available. The Electronic Frontier Foundation (EFF) advises to immediately disable all email tools that automatically decrypt PGP.

The PGP encryption is mostly used by political activists, journalists, and whistleblowers as an extra layer of encryption.

Sebastian Schinzel, one of the researchers, promised in a Tweet to provide more details of the vulnerabilities on May 15.

EFF's statement on the matter mirrored Schinzel's, and also includes instructions on how to disable PGP plug-ins in Thunderbird with Enigmail, Apple Mail with GPGTools and Outlook with Gpg4win. The surreptitious exfiltration works against both the PGP and S/MIME standards.

According to encryption software GNU Privacy Guard (GnuPG), the problem comes from email programs that fail to check for decryption errors properly and follow links in emails that included HTML code. "The attack has a large surface, since for each encrypted email sent to n recipients, there are n + 1 mail clients that are susceptible to our attack", the abstract of the research paper reads. The importance of email encryption went mainstream after whistleblower Edward Snowden revealed the extent of the US government's electronic surveillance in 2013.

Germany's Federal Office for Information Security (BSI) put out a statement saying there were risks that attackers could secure access to emails in plaintext once the recipient had decrypted them. It's this variety that attackers use to ambush users of OpenPGP and S/Mime by sending a slightly modified S/Mime email to the victim's address.

It added, however, that it considered the encryption standards themselves to be safe if correctly implemented and configured. However, the researchers have confirmed the exploitable vulnerabilities only exist for email users.