HomeDeveloper

PGP Flaw Leaves E-mails Vulnerable

Ryan Naraine
By Ryan Naraine

Security researchers have unearthed a flaw within the popular PGP encryption
tool that could allow snoopers to decode sensitive e-mails.

PGP , or Pretty Good Privacy, is the defacto standard for
encryption on the Internet and is widely thought of as invincible but
researchers at Counterpane Internet Security Inc and Columbia University say
they have found a way to modify a PGP-encrypted e-mail without having to
descrambling it.

In an advisory,
Counterpane said an attacker could repackage the message and pass the
modified message on to the intended recipient of the original message.

It said the text within the message would appear as gibberish and could lead
to a request for a resent. If the original text is included in the resend
request, the adversary may be able to determine the original message.

The detection of the flaw has forced an update to the OpenPGP standard,
which is expected to be released Monday.

The researchers found the flaw in both PGP and GnuPG but noted that the
attacks largely failed when data is compressed before encryption.

While the flaw is described as “serious,” the researchers found it was very
difficult to exploit and urged users of PGP to avoid including full text of
messages when replying.

“Users of GnuPG and PGP should be aware that compression should not be
turned off. Compression is turned on by default, but a user sending a
compressed
file will still be at risk from a chosen-ciphertext attack,” according to
the advisory.
If compression is not used, or if compressed files are sent, the
chosen-ciphertext attack could succeed against both GnuPG and PGP. The
security outfit said GnuPG is also vulnerable if the user does not view the
warning message that the encrypted data fails the message integrity check.

“In “batch mode “operation this warning would probably go unnoticed by the
user since in this case the decrypted,” it added.

The research showed the OpenPGP standard, as written, was vulnerable to
chosen ciphertext attack due to the following:

  • No explicit requirement of a message integrity check.
  • Optional implementation of compression.

  • Requiring acceptance of “uncompressed” as a valid form of compression.

    • “Developers of front end software for GnuPG need to propagate integrity
    violation warnings to the users. This is important not only for protection
    against chosen ciphertext attacks — integrity protection is useless if the
    user is not warned when it has been violated,” the company said.

    Ryan Naraine
    Ryan Naraine
    Previous article
    IBM Renews Offensive on Sun
    Next article
    Lycos to Develop Own Paid Placement Listings

    Similar Posts

    Get the Free Newsletter!

    Subscribe to our newsletter.

    Subscribe to Daily Tech Insider for top news, trends & analysis

    News Around the Web

    InternetNews is a source of industry news and intelligence for IT professionals from all branches of the technology world. InternetNews focuses on helping professionals grow their knowledge base and authority in their field with the top news and trends in Software, IT Management, Networking & Communications, and Small Business.

    Advertisers

    Advertise with TechnologyAdvice on InternetNews and our other IT-focused platforms.

    Advertise with Us

    Menu

    Our Brands

    Property of TechnologyAdvice.
    © 2024 TechnologyAdvice. All Rights Reserved

    Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.