Jan-Philipp Litza wrote on 16/04/2015 20:26:
> Hi everybody,
>
> I think I found a security-related usability problem with Enigmail:
> When replying to a message, Enigmail decrypts parts of the mail I reply
> to without notifying me. This could lead to me decrypting a message an
> adversary sent me for decrypting without noticing.
Hi,

That's interesting. I've made some more realistic tests with two users and I can definitely reproduce this behaviour, although with some differences. Below are the steps:

1. Mallory manages to sniff a message addressed to Alice. This message, that we'll call Message #1, is encrypted with Alice's pubkey so Mallory can't read it.
2. Mallory writes a long message to Alice and, buried deep at the end, includes the ciphertext from Message #1.
3. Mallory sends the message *unencrypted*.
4. Alice receives the message. (The Enigmail status bar says "Decrypted message". The Enigmail Security Info says "Part of the message signed - Decrypted message".) The message contains Mallory's text, followed by:

   *********
   *BEGIN ENCRYPTED or SIGNED PART*
   *********
   (Message #1 in plaintext)
   **********
   *END ENCRYPTED or SIGNED PART*
   **********

5. If Alice replies to Mallory and quotes the message in its entirety (as mail clients do by default), she'll have disclosed the content of Message #1 to Mallory.

Note that, if in step 3 Mallory sends the message encrypted with Alice's pubkey, we don't have a security disclosure: Alice receives Mallory's text followed by a PGP ciphertext block, i.e. Message #1. (The Enigmail status bar says "Decrypted message". The Enigmail Security Info says "Decrypted message".) When she replies quoting the whole message, Message #1 will be quoted encrypted.

Still, that's a neat attack, and thanks for bringing it to the attention of the community. Whether this would be a user error or a lack of a security check from Enigmail (I certainly wouldn't call it a bug) should be discussed further.
-- 
Dan
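The "security check" Dan's reproduction points at, sketched as an added example that is not Enigmail's code and not part of this thread: before a reply quotes the displayed body, find the inline parts Enigmail decrypted for display (recognised by the *BEGIN/END ENCRYPTED or SIGNED PART* markers quoted in step 4) and, when the outer message itself arrived unencrypted, redact them from the quote and report them so the client can warn the user. The marker regex, the function names and the sample message are assumptions constructed for the example.

```python
import re

# Enigmail's on-screen markers around an inline block it decrypted
# (as quoted in the reproduction above); the rows of asterisks around
# them vary in length, so they are matched loosely (assumed format).
PART_RE = re.compile(
    r"\**\s*\*BEGIN ENCRYPTED or SIGNED PART\*\s*\**\s*"
    r"(?P<plain>.*?)"
    r"\s*\**\s*\*END ENCRYPTED or SIGNED PART\*\s*\**",
    re.DOTALL,
)

REDACTED = "[decrypted inline part removed from quote]"


def find_decrypted_parts(displayed_body):
    """Return the plaintext of every inline part that was decrypted for display."""
    return [m.group("plain") for m in PART_RE.finditer(displayed_body)]


def quote_for_reply(displayed_body, outer_was_encrypted):
    """Build the '> '-quoted body for a reply.

    Condition from the thread: an *unencrypted* outer mail that embeds
    ciphertext only the recipient can read gets decrypted inline, and a
    default full-quote reply would hand the plaintext to the sender.
    Returns (quoted_text, leaked_parts); a non-empty leaked_parts means
    the client should warn before the reply is sent.
    """
    leaked, body = [], displayed_body
    if not outer_was_encrypted:
        leaked = find_decrypted_parts(displayed_body)
        body = PART_RE.sub(REDACTED, displayed_body)
    quoted = "\n".join("> " + line for line in body.splitlines())
    return quoted, leaked


# Constructed sample: what Alice sees in step 4 of the reproduction.
SAMPLE_DISPLAYED_BODY = """Hi Alice,

Long, chatty text from Mallory goes here.

*********
*BEGIN ENCRYPTED or SIGNED PART*
*********
Alice, the shared-server password is s3cret (constructed sample).
**********
*END ENCRYPTED or SIGNED PART*
**********

Cheers, Mallory
"""

if __name__ == "__main__":
    quoted, leaked = quote_for_reply(SAMPLE_DISPLAYED_BODY, outer_was_encrypted=False)
    print(quoted)
    print("redacted parts:", len(leaked))
```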
