In an earlier blog, we discussed some implications of the newly found EFAIL attack on PGP and S/MIME. We concluded that CipherMail gateway was not directly vulnerable because the gateway does not load remote content from the email. The email only gets decrypted, validated and then forwarded.
The EFAIL paper describes two types of attack. The "Direct exfiltration" attack and the "Generic exfiltration" attack.
Messages decrypted by the CipherMail gateway are not vulnerable to the "Direct exfiltration" attack even if you use a mail client which is vulnerable to the "Direct exfiltration" attack because CipherMail will always generate messages having correct MIME parts after decryption. PGP messages decrypted by CipherMail are also not vulnerable to the "Generic exfiltration" attack because a Modification Detection Code (MDC) is required and checked. If a message does not have the correct MDC, the message will not be decrypted (see the earlier blog for more details)
S/MIME however is vulnerable to the "Generic exfiltration" attack. With the "Generic exfiltration" attack the attacker can insert additional content (payload) into an encrypted email without having to decrypt the email first. This by itself does not directly result in the loss of information. However, if the email is viewed on an email client which automatically downloads external content, part of the decrypted email might be uploaded to a remote system.
We have further analyzed EFAIL and have been able to modify an S/MIME message using the described "Generic exfiltration" technique.
Inserting the required payload is not straightforward. Only small parts can be inserted (max 16 bytes). To insert a payload which can be used to upload the decrypted contents requires multiple blocks to be inserted. The problem with inserting blocks into the encrypted stream, is that the blocks are separated by bogus data (random plaintext). The paper describes in a clever way how the inserted payload can be optimized to make sure that the HTML parser skips the bogus data.
The bogus data however, can also be used to detect that an EFAIL attack has been executed. S/MIME specification (RFC 5751) requires that an S/MIME message should only contain 7-bits characters:
"If a multipart/signed entity is ever to be transmitted over the standard Internet SMTP infrastructure or other transport that is constrained to 7-bit text, it MUST have transfer encoding applied so that it is represented as 7-bit text. MIME entities that are 7-bit data already need no transfer encoding. Entities such as 8-bit text and binary data can be encoded with quoted-printable or base-64 transfer encoding."
S/MIME messages containing characters outside the 7-bit range are therefore invalid. This gives us an opportunity to detect whether the EFAIL attack was used. The chances of detection can be further improved by also disallowing most control characters. in normal emails, only CR, LF and TAB will be used.
When using the CipherMail Email Encryption gateway, a spam or content filter can detect whether the decrypted email contains invalid characters and quarantine the email in such a case.
We are investigating whether an automatic 8-bit character detection module can be added to the CipherMail gateway. With this module, if a decrypted email contains invalid characters, the gateway will not forward the email in decrypted form but forward it in encrypted for to an admin for further analysis.
Bron: Blog Chipermail
Er zijn nog geen reacties geplaatst
Inloggen voor Mijn Cqure leden
Bestaande leden kunnen inloggen met e-mail en wachtwoord. Heb je via een social media account geregistreerd of deze gekoppeld aan je account? Kies dan het gekoppelde platform om in te loggen.
Login met e-mail en wachtwoord:
Nog geen Mijn Cqure account?
Heb je nog geen account? je kunt je aanmelden door het registratieformulier in te vullen, of door een social media account te koppelen. Het aanmelden is eenvoudig en binnen enkele ogenblikken geregeld.
De voordelen op een rijtje:
- Reacties onmiddelijk zichtbaar in Kennisplatform
- Eenvoudig inschrijven voor events
- Snel inloggen met Facebook of Twitter
- Formulieren aangevuld met jouw profielgegevens