S/MIME And Poor OpenPGP Email Client Behavior Leak Plaintext

Posted on by

Today disclosure of two plaintext leaking behaviors in email clients handling OpenPGP and S/MIME encrypted messages has been released (archived). The vulnerability affecting S/MIME is baked into the S/MIME standard and may only be mitigated by abandoning S/MIME, no other mitigation is possible. Meanwhile the plaintext leaking behavior affecting OpenPGP encrypted emails requires certain common but very stupid behavior on the part of an email client and the user allowing the email client to be involved in decrypting the message.

The attack in OpenPGP encrypted email involves the message being molested on the wire in such a way the plaintext metadata surrounding the cyphertext is modified to engage your typical email client's HTML rendering engine. If the email client is allowed to be involved in decrypting the cyphertext as is common with various client "plugins", the email client can "phone home" the plaintext after decryption to the message's molester according to the spurious instructions delivered to the HTML rendering engine. The mitigation for this vulnerability is hygiene and not allowing your email client to be involved in cryptographic operations beyond sending and recieving cyphertext blobs encrypted and decrypted elsewhere.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>