Interview

Beware of PGP 'con job'

Edward Hurley, News Writer
Please describe the vulnerability in PGP?
Let's say you want to intercept a message that I can decode. You damage the message, say by adding eight bytes of garbage. Repackage it so it looks like a PGP message. You send it to me and I open it and see nothing but garbage. If I send that back to you, then it is possible for you to decrypt the message. Is it very severe? In other words, is the problem widespread?
This is primarily a con job. It relies on you sending the message back. Also, most PGP messages are compressed, which means that method wouldn't work. Rarely PGP messages are sent uncompressed. One instance could be if the message is zipped before being encrypted with PGP. A chain of unlikely events have to occur for this method to work.
For more information:

    Requires Free Membership to View

Do you have a PGP question for Jon Callas or one of our other experts? Click here!

More information about PGP and other cryptography

General information about encryption


Feedback on this story? Send your comments to News Writer Edward Hurley

It doesn't sound like the flaw is that bad. How come there's such a hubbub about it?
I don't mean to diminish the severity of it. People who make PGP applications need to be aware of such things. For example, a PGP developer may hand a message over to the user if there is a decompression error, as some of the text may be readable. That is a security problem, not a data problem. Now, a red flag should go up much like when there is an encryption error. Shouldn't warning lights go off when the garbled message comes from someone you don't know?
Not necessarily. Remember someone can be masquerading as someone you know. For example, someone could get a Hotmail account that looks like it's an old high school buddy of yours. How long has the vulnerability been around?
We knew the weakness existed years ago, but we didn't know how to exploit it. In fact, a fix for it was released in 2000, but the new version didn't have backward compatibility. Why didn't people switch to the fixed version?
It's hard to ask people to switch mail programs they have used perhaps for years for a potential security problem. Is there any evidence it has been exploited? Could someone have found it?
No, there is no evidence it has been used in the wild. But never say never. It's so clever that you'd have to think someone has thought it up and hasn't told anyone about it. It's possible but not likely. How can PGP users work around the problem?
The best way is to not hit the reply key and send any garbage back to the person who sent it to you. Send them another e-mail asking why they sent you garbage. You don't need to stop using the old version [of PGP]. It's a good attack but not so good an attack. It's clever by using a lot of social engineering and a little cryptography to work. So if someone could do this successfully once, can they then decrypt all your messages?
No. They can only read that one message. If they want to read 10 of your messages then they'll have to do it 10 times.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: