[chiglug] EFF: Temporally Stop Using PGP for Encrypted E-mail

Wed May 16 17:58:11 UTC 2018

Greetings all,

Sorry for all the spam about this.

> The EFF says that there is a flaw in the PGP spec in that it does not require
an integrity check on an encrypted message.  Outside of that, I believe you
are right, it is a flaw in the implementations.

There are flaw in a *non-standard *[0][1] cipher used by GPG which does not
use CAST5 for encryption by default. Also note the use of the "disable MDC"
flag. For those that don't know, MDC is an authentication check for a
message to cryptographically verify that a message has not been tampered
with.

gpg --recipient 0xFB73E21AF1163937 --cipher-algo CAST5 --disable-mdc
--encrypt --sign --armor reply.txt

The MDC was was one of the first "authenticated encryption" schemes
created, but now there are more robust ones that GPG will migrate to.

> Also, on one of these mailing lists, Adam pointed out that this exploitr equires
the remote loading of external resources. From looking at the
official exploit document, that also appears to be correct. In fact, loading
of external resources is disabled by default in Thunderbird.
This means that this exploit won't work with default settings in
Thunderbird/Enigmail
and probably won't work by default in other mail
clients as well.

+1 however that is not the case for *most* clients used by the majority of
users, I am thinking of Apple Mail and other mail clients (MAUs). However
since most of us run Linux, here is the official statement from Mozila.
They think disabling remote content and HTML parsing is the best
mitigation, like Joel said.

So I think the comments made by Mozilla are best.  If you wish to need
additional security around your GPG encrypted emails in, you can decrypt
them while disconnected from WiFi or from the command line. You could grab
the email message by selecting finding the "More" button (next to the
"Delete" button) and selecting View Source. Find the the GPG message and
paste this content into a text file.

----BEGIN PGP MESSAGE-----

[ENCRYPTED MESSAGE CONTENT]

-----END PGP MESSAGE-----

To decrypt the email you would run *gpg --decrypt email_message.asc >
message.tx*t. This is by far the safest manner of decrypting messages but
it is also the most time consuming.

Happy to answer any more questions

Best,
Freddy Martinez

[0] https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060325.html
[1] https://dev.gnupg.org/T3981
[2] https://blog.mozilla.org/thunderbird/2018/05/efail-and-thunderbird/

On Tue, May 15, 2018 at 9:10 PM, eviljoel <eviljoel at linux.com> wrote:

> Greetings,
>
> The EFF says that there is a flaw in the PGP spec in that it does not
> require an integrity check on an encrypted message.  Outside of that, I
> believe you are right, it is a flaw in the implementations.
>
> Also, on one of these mailing lists, Adam pointed out that this exploit
> requires the remote loading of external resources. From looking at the
> official exploit document, that also appears to be correct. In fact,
> loading of external resources is disabled by default in Thunderbird.
> This means that this exploit won't work with default settings in
> Thunderbird/Enigmail and probably won't work by default in other mail
> clients as well. I kinda feel like the EFF jumped the gun on this one.
>
> - eviljoel
>
> On 05/15/2018 08:13 AM, Christopher Lemmer Webber wrote:
> > eviljoel writes:
> >
> >> Greetings,
> >>
> >> There is a newly discovered vulnerability in PGP that allows attackers
> >
> > It's worth noting that the flaw isn't in PGP or any PGP implementation,
> > it's in HTML mail rendering clients behaving badly.
> >
>
> --
> Let me teach you encrypted e-mail. eviljoel's PGP fingerprint:
> A2BE 2D12 24D1 67CA 8830  DDE7 DFB3 676B 196D 6430
>
>
> _______________________________________________
> discuss mailing list
> discuss at lists.chicagolug.org
> https://lists.chicagolug.org/mailman/listinfo/discuss
>
>

-- 
Freddy Martinez
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chicagolug.org/pipermail/discuss/attachments/20180516/be76818d/attachment-0002.html>