[Cryptography] What ever happened to end-to-end email encryption?

Henry Baker hbaker1 at pipeline.com
Sun Aug 22 19:08:49 EDT 2021


Re: Russians: "The attacks in the paper are interesting, but not a significant threat in practice"

This probably explains why smtp.yandex.ru is still vulnerable to these StartTLS attacks...

-----Original Message-----
From: <cryptography at metzdowd.com>
Sent: Aug 21, 2021 10:09 PM
To: <cryptography at metzdowd.com>
Subject: Re: [Cryptography] What ever happened to end-to-end email encryption?

On Sat, Aug 21, 2021 at 01:44:56PM +0000, Henry Baker wrote:
> Check out this recent USENIX paper on STARTTLS in SMTP & IMAP;
> many email providers & email clients still can't achieve the basic
> requirement to not send email passwords in the clear.
>
> https://www.usenix.org/conference/usenixsecurity21/presentation/poddebniak

The paper is mostly old news, and the vulnerable applications (non-MTA
IMAP and SUBMIT servers and clients) are lately moving to implicit TLS
(ports 465 and 993). Of course their STARTTLS stacks should also have
the same fixes that MTAs applied 10 years ago.

> And we still blame the Russians for hacking emails?

The attacks in the paper are interesting, but not a significant threat
in practice, since they are sophisticated on-path attacks, and it is far
easier to send links to booby-trapped web sites, attach malware
executables, ...

My estimate of the number of users exploited via such attacks is exactly
zero.

--
Viktor.




More information about the cryptography mailing list