PGP EFAIL

I am not going to rewrite this well-written post, but since I am using and promoting the use of PGP, I do need to draw your attention to EFAIL: https://efail.de/

The EFAIL attacks exploit vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext of encrypted emails.

From the same post:

Here are some strategies to prevent EFAIL attacks:

Short term: No decryption in email client. The best way to prevent EFAIL attacks is to only decrypt S/MIME or PGP emails in a separate application outside of your email client. Start by removing your S/MIME and PGP private keys from your email client, then decrypt incoming encrypted emails by copy&pasting the ciphertext into a separate application that does the decryption for you. That way, the email clients cannot open exfiltration channels. This is currently the safest option with the downside that the process gets more involved.

Short term: Disable HTML rendering. The EFAIL attacks abuse active content, mostly in the form of HTML images, styles, etc. Disabling the presentation of incoming HTML emails in your email client will close the most prominent way of attacking EFAIL. Note that there are other possible backchannels in email clients which are not related to HTML but these are more difficult to exploit.

Medium term: Patching. Some vendors will publish patches that either fix the EFAIL vulnerabilities or make them much harder to exploit.

Long term: Update OpenPGP and S/MIME standards. The EFAIL attacks exploit flaws and undefined behavior in the MIME, S/MIME, and OpenPGP standards. Therefore, the standards need to be updated, which will take some time.
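As an added example (not code from efail.de or from this post), here is a defender-side check for the combination the "disable HTML rendering" strategy above addresses: a raw message that carries encrypted content (PGP/MIME, S/MIME or inline PGP armor) alongside an HTML part that references remote images or styles. The two sample messages, the `tracker.invalid` host and the placeholder armor are constructed; nothing is decrypted.

```python
import email
import re
from email import policy

ENCRYPTED_TYPES = {"multipart/encrypted", "application/pgp-encrypted", "application/pkcs7-mime"}
# Remote resources a rendering client would fetch: images, linked stylesheets, CSS url()/@import.
REMOTE_REF = re.compile(r"""(?:<img[^>]*\bsrc\s*=|<link[^>]*\bhref\s*=|url\(|@import)\s*["']?https?://""", re.I)

def efail_exposure(raw: bytes) -> dict:
    """Report whether a raw RFC 5322 message mixes encrypted content (PGP/MIME, S/MIME or
    inline PGP armor) with HTML parts that reference remote resources. Detection only."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    encrypted, remote_html_parts = False, 0
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype in ENCRYPTED_TYPES:
            encrypted = True
        elif ctype == "text/html" and REMOTE_REF.search(part.get_content()):
            remote_html_parts += 1
        elif ctype == "text/plain" and "-----BEGIN PGP MESSAGE-----" in part.get_content():
            encrypted = True  # inline (non-MIME) PGP armor
    return {"encrypted": encrypted, "remote_html_parts": remote_html_parts, "exposed": encrypted and remote_html_parts > 0}

# Constructed sample: inline PGP armor next to an HTML part that loads a remote image.
MIXED = b"""\
From: alice@example.invalid
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<html><body><img src="http://tracker.invalid/pixel.png"></body></html>
--b1
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----
hQEMA0000constructedplaceholder0000
-----END PGP MESSAGE-----
--b1--
"""
# Constructed sample: the same armor in a plain-text-only message, nothing to render.
INLINE_ONLY = b"""\
From: alice@example.invalid
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----
hQEMA0000constructedplaceholder0000
-----END PGP MESSAGE-----
"""
```

Running `efail_exposure(MIXED)` flags the message as exposed, while `efail_exposure(INLINE_ONLY)` reports encrypted content with no remote HTML references.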

I use Protonmail and Keybase to make encryption easier (they both offer free services). Here are their posts about EFAIL and how it affects (or actually doesn't) their services:

From Keybase via e-mail:

To be clear, Keybase isn’t affected

Keybase’s end-to-end secure chat, our new teams feature, our collaborative encrypted git repositories, and our filesystem all do not use PGP.

The only time you’ll ever use PGP encryption in Keybase is when you’re sitting there thinking “Oh, I really want to use legacy PGP encryption.” To experience EFAIL with Keybase, you must (1) knowingly do this, and then (2) paste a PGP message into an insecure 3rd party app. So don’t do that.

And a post from privacy warriors EFF:
