[Cryptography] Vulnerability found in badly broken email apps that use PGP and S/MIME
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Mon May 14 21:08:26 EDT 2018
Ray Dillinger <bear at sonic.net> writes:
>S/MIME's capability to cut and join messages at arbitrary boundaries after
>applying processing (including decryption) to selected substrings makes it
>worse.
Unless your S/MIME implementation does authenticated encryption from 10+ years
ago, RFC 5083, in which case the gadget attack just bounces off.
Mind you, a mailer broken enough to auto-fetch images/auto-render HTML content
will also implement authenticated encryption as "Message tampering detected,
continue anyway?", default = Yes.
Peter.
More information about the cryptography
mailing list