Jump to content
Sign in to follow this  

(paper) Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

Recommended Posts

We describe novel attacks built upon a technique we call malleability gadgets to reveal the plaintext of encrypted emails. We use CBC/CFB gadgets to inject malicious plaintext snippets into encrypted emails that abuse existing and standard conforming backchannels, for example, in HTML, CSS, or x509 functionality, to exfiltrate the full plaintext after decryption.


The attack works for emails even if they were collected long ago, and is triggered as soon as the recipient decrypts a single maliciously crafted email from the attacker.


We devise working attacks for both OpenPGP and S/MIME encryption, and show that exfiltration channels exist for 23 of the 35 tested S/MIME email clients and 10 of the 28 tested OpenPGP email clients. While it is necessary to change the OpenPGP and S/MIME standards to fix these vulnerabilities, some clients had even more severe implementation flaws allowing straightforward exfiltration of the plaintext.


Download pdf: https://efail.de/efail-attack-paper.pdf

  • Upvote 2

Share this post

Link to post
Share on other sites

Nu e tocmai o problema in OpenPGP/S/MIME dupa cum suna acest articol, deci puteti folosi in continuare.

Problema e la anumiti clienti de email care afiseaza HTML. 

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this