parallax background

#EFail Security Flaw in Email Encryption (1)

Registered Receipt of RMail
Can you put a monetary value on proof?
9. April 2018
frama blog about efail security
#EFail Security Flaw in Email Encryption (2)
1. June 2018

In short, the recently publicized EFail security flaw shows that an eavesdropper can siphon out the text of a PGP or S/MIME encrypted email through the HTML part of the message.

By far today’s most common communication medium in business is email. Plain text communication is used with only partly protected TLS paths and where encryption is not guaranteed for the full transaction. For people in challenging environments (political activists, journalists, whistleblowers) who rely on the privacy of their digital communications, this is insufficient. Major attackers such as the national authorities have a reputation for eavesdropping on the email communication of a large group of individuals. OpenPGP offers end-to-end encryption designed specifically for sensitive communication in the face of today's most powerful attackers. The S/MIME standard is an alternative for end-to-end encryption of emails, which is usually used to secure corporate email communication.

A group of German and Belgian security scientists discovered serious vulnerabilities in the widely used email encryption standards OpenPGP and S/MIME and informed the German Federal Office for Information Security (BSI) as well as developers.

The EFAIL attacks make use of vulnerabilities in the OpenPGP and S/MIME standard to expose the plain text of encrypted emails. In a nutshell, EFAIL exploits active parts of HTML emails, e.g. externally loaded images or styles, to extrude plain text via requested URLs. The attacker first needs access to the encrypted emails in order to create these exfiltration channels, e.g. by intercepting network traffic, email servers, interfering with email accounts, client computers or backup systems. The emails could even have been collected years ago.

The attacker modifies an encrypted email in a specific way and sends the modified encrypted email to the victim. The victim's email client will decrypt the email and load all external message content, passing the plaintext to the attacker.

It seems odd that most email encryption systems overlook the basic needs; for the sender to be confident that the intended recipient (and only the intended recipient) CAN read the message.

Part Two: Read more about potential solutions and workarounds to reduce the risk of a data leak in your company

This article was written by RPost Tech Essentials and edited by Thomas Zurbrügg

RPost US INC. is the inventor of RMail. With its unique and powerful functionality it has reached millions of users around the world.

Leave a Reply

Your email address will not be published. Required fields are marked *