In <[EMAIL PROTECTED]>, on 06/05/99
at 06:39 PM, Ryan Lackey <[EMAIL PROTECTED]> said:
>What MS Outlook appears to do is display status information about
>signature checking on messages in the mail message frame itself,
>indistinguishable from ordinary text. The obvious attack is to send a
>user unsigned mail (it could be encrypted, to add additional legitimacy
>to the attack) with text at the beginning of the message simulating the
>output of signature checking on the recipient's computer. This can be
>done fairly convincingly -- it is hard to get the timestamp exactly
>correct, but few users check the details thoroughly if the message
>appears normal.

I do something similar with my PGP integration but without seeing an
example of the Outlook sample it is hard to tell if there are important
differences.

Basically I have a PGP pre-processor that is run on all inbound messages.
If the message contains a PGP signature then PGP is called and the results
are appended to the bottom of the message:

-----BEGIN PGP SIGNED MESSAGE-----
blah, blah, blah
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i OS/2 for non-commercial use
Comment: Registered_User_E-Secure_v1.1b1_ES000000
Charset: cp850
wnUDBQE3WfWb0fdTsSGZnTUBAU1tAv9wuEbpla2nJlCJWGcyli9SNlqShqJj20Lq
clphzJpERDitI7l1/RTI45UZ2nU2cYDpqKvCEFL8ZkvGbMzsWYgtpIRO7EYIGaRb
LqjjQKDmxpuciw3woTUhWkBG6JDCc3M=
=UfaJ
-----END PGP SIGNATURE-----
--------------------------------------------------------------------
MR/2 PGP Signature Check 5 Jun 1999 23:15:36
--------------------------------------------------------------------
Opening file "NUL" type text.
Opening file "WHGIII\3759F5E7" type binary.
Good signature made 1999-06-06 04:14 GMT by key:
768 bits, Key ID 21999D35, Created 1998-09-10
"TOTOCUS"
WARNING: The signing key is not trusted to belong to:
TOTOCUS
Opening file "NUL" type text.

Now one could attempt to create a fake signature & signature check to a
message, but once this message hit the PGP preprocessor, a new signature
check would be created showing that the signature was invalid.

It may be that the Outlook plugin is hiding the PGP signature in
displaying the message (or even worse is removing the sig after checking).
I have seen implementations that do hide the PGP signature from display
but they do not stamp the message as above (verification info is displayed
outside of the text window).

Out of band need not be a requirement, like most things it depends on how
it is implemented.

Anyone with any real concern with security would not be using M$ products
to begin with.

--
---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
Hi Jeff!! :)
---------------------------------------------------------------
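
The in-band status problem discussed in this message, as an added example that is not part of the original post and is not E-Secure's code: a sketch of an inbound preprocessor step that marks sender-supplied lines imitating the status block before the locally generated block is appended. The function names, the marker text and the constructed "No signature found" verifier line are assumptions; the banner patterns are taken from the sample shown above.

```python
import re

RULE = "-" * 68
# Patterns taken from the status block quoted in the message; a deployment
# would list whatever its own verifier actually prints (assumption).
STATUS_PATTERNS = [
    re.compile(r"^[>\s]*MR/2 PGP Signature Check\b", re.I),
    re.compile(r"^[>\s]*(Good|Bad) signature\b", re.I),
    re.compile(r"^[>\s]*WARNING: The signing key\b", re.I),
]
MARK = "[text from sender, not a verification result] "


def neutralize_lookalikes(body):
    """Return (display_body, hits). Lines in the received text that imitate
    verifier output get a visible prefix. Apply this to the display copy
    only, after verification, so the signed bytes are never altered."""
    out, hits = [], []
    for n, line in enumerate(body.splitlines(), 1):
        if any(p.search(line) for p in STATUS_PATTERNS):
            hits.append(n)
            line = MARK + line
        out.append(line)
    return "\n".join(out), hits


def stamp(body, verifier_output, when):
    """Append the locally generated status block below the message.
    verifier_output: lines printed by the local PGP run (not executed here)."""
    clean, hits = neutralize_lookalikes(body)
    block = [RULE, f"MR/2 PGP Signature Check {when}", RULE, *verifier_output]
    if hits:
        block.append(f"NOTE: {len(hits)} line(s) in the body imitate this block: {hits}")
    return clean + "\n" + "\n".join(block), hits


# Constructed sample: unsigned mail whose body fakes a successful check.
FORGED = "\n".join([
    "Meeting moved to Tuesday.",
    RULE,
    "MR/2 PGP Signature Check 5 Jun 1999 23:15:36",
    RULE,
    "Good signature made 1999-06-06 04:14 GMT by key:",
])

if __name__ == "__main__":
    text, _ = stamp(FORGED, ["No signature found in message."], "5 Jun 1999 23:20:01")
    print(text)
```

Marking look-alike lines only reduces confusion inside the text window; a status display outside the message body, as mentioned above, removes the ambiguity entirely.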