#efail, Crypto, HTML, PDF, and other complex Topics

René Pfeiffer/ May 14, 2018/ High Entropy, Security

You probably have noticed the #efail hashtag that came with the claim that the crypto world of PGP/GPG and S/MIME is about to end. Apocalyptic announcements were made. The real news is due for 15 May 2018 (i.e. the publication with all the facts). There was even the advice to stop using encryption until more information is known. The authors of the bug claimed that responsible disclosure was being followed. Well, it seems that this is not the case. Judging from the Internet response, the bug depends on the content of the encrypted message, not on the protocol of the encryption or the encryption tools. Lessons learned so far:

  • It is a bug in some mail user client software.
  • It’s all about the content of the message and how it gets interpreted.
  • Responsible disclosure was not followed.
  • Do not use HTML in emails.
  • Use authenticated encryption.

You may note that these recommendations are heavily on the side of the protocol/data format designers, not on the user’s part or the user interface. It’s hard to point fingers into the right direction, but the vulnerability is all about the content and they way software handles it. That’s not shifting the blame. HTML content (or any active content) in emails have long been the source of heated discussions. There is a reason why a lot of phishing uses HTML. Bashing PGP/GPG or S/MIME for its complex data format is also no excuse. Have you ever taken a look at the PDF standard or the many office document standards? Why is there no recommendation to stop sending documents via emails?

The DeepSec conference in 2017 had the motto „Science first!“. We didn’t go for this slogan because of the first academic ROOTS workshop. We know that information security can do a lot better with a healthy dose of the scientific method. Your work doesn’t count and has no impact, if you can’t base it on solid facts. The claim that „There are currently no reliable fixes for the vulnerability.“ is plain wrong.

So please continue to write encrypted emails to us. We do not read HTML message in conversation.

Share this Post

About René Pfeiffer

System administrator, lecturer, hacker, security consultant, technical writer and DeepSec organisation team member. Has done some particle physics, too. Prefers encrypted messages for the sake of admiring the mathematical algorithms at work.