[Cryptography] Attacks on PGP (and allegedly S/MIME)
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu May 17 01:44:01 EDT 2018
Jerry Leichter <leichter at lrw.com> writes:
>If you look at this more closely, there's a fundamental violation of basic
>cryptographic principles involved here. Think of the old red (unencrypted
>"secret" world)/black (encrypted "sanitized" world) distinction. It was in
>the past often implemented as actual physical separation: "Red" material
>could only be accessed within a secure, isolated facility. All that could
>flow in and out of that facility was "black" material.
Just to confound things even further, the "encrypt everything" approach makes
this even worse. If you've only got sensitive, valuable email traffic
encrypted then you can afford to be careful with it, refuse to auto-render
HTML, follow links, and so on. However, if every piece of HTML-encrusted
gunk that turns up is also encrypted, you can no longer tell whether it's
something you want to isolate or not, and if you do isolate everything users
will switch to a different mailer that "works", in the sense that it
displays the HTML-encrusted gunk as intended.
Peter.
More information about the cryptography
mailing list