A serious Pretty Good Privacy (PGP) flaw could expose emails you’ve sent in the past among those who use either PGP or S/MIME for email encryption, and security researchers are recommending users immediately disable or uninstall tools that decrypt emails.
In an era when email hacks are a very real and common personal security threat, encryption is a way to ensure prying eyes don’t spy on your digital correspondence. PGP has been a popularly adopted standard for email encryption.
Unfortunately, a group of European researchers published a warning this weekend that a critical PGP hole that could expose private emails to hackers.
We'll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. #efail 1/4— Sebastian Schinzel (@seecurity) May 14, 2018
A paper detailing the vulnerability, co-authored by Sebastian Schinzel, computer security professor at the Münster University of Applied Sciences in Germany, is available online.
The issue, dubbed EFAIL, has to do with a hole in OpenPGP and S/MIME standards that can reveal the plain text of encrypted emails. Attacks using the EFAIL vulnerability take advantage of “active content” in HTML emails, such as externally loaded graphics, to extract the plain text through those requested URLs. There are two different types of attacks that can occur, which the researchers have dubbed Direct Exfiltration and the CBC/CFB Gadget attack.
“Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email,” the Electronic Frontier Foundation advised in a post published Sunday evening (emphasis theirs). “Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email.”
For those affected, the Electronic Frontier Foundation has three guides on how to temporarily disable PGP plug-ins. Despite the Mac desktop app flaw discovered last week, the EFF recommends using an app like Signal for secure communications until EFAIL is properly resolved.
If you want to continue to send and receive PGP-encrypted emails, the researchers advise decrypting those messages in a separate application, not your email client. You can also disable HTML rendering in your email messages. According to some in the security community, such as GNU Privacy Guard, the EFAIL issue is primarily a fault of email providers rather than a failing of the encryption protocol itself.
They figured out mail clients which don't properly check for decryption errors and also follow links in HTML mails. So the vulnerability is in the mail clients and not in the protocols. In fact OpenPGP is immune if used correctly while S/MIME has no deployed mitigation.— GNU Privacy Guard (@gnupg) May 14, 2018
In the future, patches should prevent this PGP flaw from being exploited. For a long-term solution, the OpenPGP and S/MIME standards will need to be updated to completely prevent these kinds of attacks from happening.