Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

Who dat who say "who dat" when I say "who dat"? -- Hattie McDaniel


rocksolid / Encryption / PGP is not longer safe!

SubjectAuthor
* PGP is not longer safe!guest
+- Re: PGP is not longer safe!Guest
`* Re: PGP is not longer safe!AnonUser
 `* Re: PGP is not longer safe!AnonUser
  `* Re: PGP is not longer safe!Guest
   `* Re: PGP is not longer safe!Guest
    `* Re: PGP is not longer safe!Guest
     `* Re: PGP is not longer safe!guest
      `* Re: PGP is not longer safe!anon
       `* Re: PGP is not longer safe!Guest
        `* Re: PGP is not longer safe!AnonUser
         `* Re: PGP is not longer safe!Guest
          `* Re: PGP is not longer safe!Guest
           `* Re: PGP is not longer safe!AnonUser
            `- Re: PGP is not longer safe!Guest

1
PGP is not longer safe!

<pdcq68$gud$1@def3.retrobbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=91&group=rocksolid.shared.encryption#91

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!def3!.POSTED!not-for-mail
From: guest@anonymous.com (guest)
Newsgroups: rocksolid.shared.encryption
Subject: PGP is not longer safe!
Date: Mon, 14 May 2018 22:05:27 +0200
Organization: Dancing elephants.
Lines: 7
Message-ID: <pdcq68$gud$1@def3.retrobbs.com>
Reply-To: guest <guest@anonymous.com>
NNTP-Posting-Host: 10.0.2.2
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: def3.retrobbs.com 1526328328 17357 10.0.2.2 (14 May 2018 20:05:28 GMT)
X-Complaints-To: usenet@def3.retrobbs.com
NNTP-Posting-Date: Mon, 14 May 2018 20:05:28 +0000 (UTC)
User-Agent: FUDforum 3.0.8
X-FUDforum: 06f8078bfca7e7bab849b374a69a9c1e <1748>
 by: guest - Mon, 14 May 2018 20:05 UTC

Because of vulnerabilities of many mail clients PGP and
S/MIME encrypted messages can be partially read from an
attacker without having the key.
See my article on http://noxan.i2p

Noxan
Posted on: def3.i2p

Re: PGP is not longer safe!

<pddopg$cei$1@novabbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=92&group=rocksolid.shared.encryption#92

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.localhost!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Tue, 15 May 2018 04:47:44 +0000
Organization: RetroBBS II
Lines: 2
Message-ID: <pddopg$cei$1@novabbs.com>
References: <pdcq68$gud$1@def3.retrobbs.com>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 15 May 2018 04:47:44 -0000 (UTC)
Injection-Info: novabbs.com; posting-host="localhost:127.0.0.1";
logging-data="12754"; mail-complaints-to="usenet@novabbs.com"
User-Agent: FUDforum 3.0.7
X-FUDforum: d41d8cd98f00b204e9800998ecf8427e <249822>
 by: Guest - Tue, 15 May 2018 04:47 UTC

here is a clearnet link to a description:

https://efail.de/
Posted on RetroBBS II

Re: PGP is not longer safe!

<27aaeda36ec0ebd685f2318b63cd8cc2$1@bitag46q3465nylvzuikfwjcj7ewi4gjkjtvuxhn73f6vsxffyiq.b32.i2p>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=93&group=rocksolid.shared.encryption#93

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.retrobbs!not-for-mail
From: anonuser@retrobbs.rocksolidbbs.com.remove-nrl-this (AnonUser)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Tue, 15 May 2018 09:18:30 -0700
Organization: Rocksolid Light
Message-ID: <27aaeda36ec0ebd685f2318b63cd8cc2$1@bitag46q3465nylvzuikfwjcj7ewi4gjkjtvuxhn73f6vsxffyiq.b32.i2p>
References: <pdcq68$gud$1@def3.retrobbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: novabbs.com; posting-host="retrobbs:10.128.3.129";
logging-data="23101"; mail-complaints-to="usenet@novabbs.com"
To: guest
X-Comment-To: guest
In-Reply-To: <pdcq68$gud$1@def3.retrobbs.com>
X-FTN-PID: Synchronet 3.17a-Linux Feb 20 2018 GCC 6.3.0
X-Gateway: retrobbs.rocksolidbbs.com [Synchronet 3.17a-Linux NewsLink 1.108]
 by: AnonUser - Tue, 15 May 2018 16:18 UTC

To: guest
guest wrote:

> Because of vulnerabilities of many mail clients PGP and
> S/MIME encrypted messages can be partially read from an
> attacker without having the key.
> See my article on http://noxan.i2p

> Noxan
> Posted on: def3.i2p

Thanks for posting this information.

Makes me glad I don't allow HTML in my mail clients, but it's still a
concern as the client does have internet access so who knows.

Posted on Rocksolid Light.
--- Synchronet 3.17a-Linux NewsLink 1.108
Posted on RetroBBS

Re: PGP is not longer safe!

<f8638d16d4050361ace0f34b04521402$1@bchz4vggexx63qvy.onion>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=94&group=rocksolid.shared.encryption#94

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.retrobbs!not-for-mail
From: anonuser@retrobbs.rocksolidbbs.com.remove-ks4-this (AnonUser)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Tue, 15 May 2018 17:08:19 -0700
Organization: Rocksolid Light
Message-ID: <f8638d16d4050361ace0f34b04521402$1@bchz4vggexx63qvy.onion>
References: <27aaeda36ec0ebd685f2318b63cd8cc2$1@bitag46q3465nylvzuikfwjcj7ewi4gjkjtvuxhn73f6vsxffyiq.b32.i2p>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: novabbs.com; posting-host="retrobbs:10.128.3.129";
logging-data="20856"; mail-complaints-to="usenet@novabbs.com"
To: AnonUser
X-Comment-To: AnonUser
In-Reply-To: <27aaeda36ec0ebd685f2318b63cd8cc2$1@bitag46q3465nylvzuikfwjcj7ewi4gjkjtvuxhn73f6vsxffyiq.b32.i2p>
X-FTN-PID: Synchronet 3.17a-Linux Feb 20 2018 GCC 6.3.0
X-Gateway: retrobbs.rocksolidbbs.com [Synchronet 3.17a-Linux NewsLink 1.108]
 by: AnonUser - Wed, 16 May 2018 00:08 UTC

To: AnonUser
Note that the bug is not concerning PGP itself, but only works in
connection with emails (plus some other factors).
Posted on Rocksolid Light.
--- Synchronet 3.17a-Linux NewsLink 1.108
Posted on RetroBBS

Re: PGP is not longer safe!

<pdieks$q22$1@def3.retrobbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=96&group=rocksolid.shared.encryption#96

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!def3!.POSTED!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Wed, 16 May 2018 19:25:14 -0400
Organization: Dancing elephants
Lines: 12
Message-ID: <pdieks$q22$1@def3.retrobbs.com>
References: <f8638d16d4050361ace0f34b04521402$1@bchz4vggexx63qvy.onion>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
NNTP-Posting-Host: def2.lan
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: def3.retrobbs.com 1526513116 26690 192.168.1.235 (16 May 2018 23:25:16 GMT)
X-Complaints-To: usenet@def3.retrobbs.com
NNTP-Posting-Date: Wed, 16 May 2018 23:25:16 +0000 (UTC)
User-Agent: FUDforum 3.0.7
X-FUDforum: e2245c1d60cd2fa7de3270a53d877d47 <1513>
 by: Guest - Wed, 16 May 2018 23:25 UTC

https://www.eff.org/de/deeplinks/2018/05/attention-pgp-users
-new-vulnerabilities-require-you-take-action-now

"Our advice, which mirrors that of the researchers, is to
immediately disable and/or uninstall tools that
automatically decrypt PGP-encrypted email. Until the flaws
described in the paper are more widely understood and fixed,
users should arrange for the use of alternative end-to-end
secure channels, such as Signal, and temporarily stop
sending and especially reading PGP-encrypted email. "

Posted on: def2.i2p

Re: PGP is not longer safe!

<pdif31$qtk$1@def3.retrobbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=97&group=rocksolid.shared.encryption#97

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!def3!.POSTED!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Wed, 16 May 2018 19:32:47 -0400
Organization: Dancing elephants
Lines: 6
Message-ID: <pdif31$qtk$1@def3.retrobbs.com>
References: <pdieks$q22$1@def3.retrobbs.com>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
NNTP-Posting-Host: def2.lan
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: def3.retrobbs.com 1526513569 27572 192.168.1.235 (16 May 2018 23:32:49 GMT)
X-Complaints-To: usenet@def3.retrobbs.com
NNTP-Posting-Date: Wed, 16 May 2018 23:32:49 +0000 (UTC)
User-Agent: FUDforum 3.0.7
X-FUDforum: e2245c1d60cd2fa7de3270a53d877d47 <1514>
 by: Guest - Wed, 16 May 2018 23:32 UTC

we are probably fucked again. who knows when the first
discovery of this happened, and by whom ? or if it is in
fact a bug or a feature (like heartbleed) ?

FUCK
Posted on: def2.i2p

Re: PGP is not longer safe!

<pe4gd8$ub8$1@novabbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=98&group=rocksolid.shared.encryption#98

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.localhost!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Wed, 23 May 2018 19:45:44 +0000
Organization: RetroBBS II
Lines: 6
Message-ID: <pe4gd8$ub8$1@novabbs.com>
References: <pdif31$qtk$1@def3.retrobbs.com>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 23 May 2018 19:45:44 -0000 (UTC)
Injection-Info: novabbs.com; posting-host="localhost:127.0.0.1";
logging-data="31080"; mail-complaints-to="usenet@novabbs.com"
User-Agent: FUDforum 3.0.7
X-FUDforum: d41d8cd98f00b204e9800998ecf8427e <271706>
 by: Guest - Wed, 23 May 2018 19:45 UTC

seems like we are triple fucked:

https://www.golem.de/news/pgp-smime-thunderbird-update-notwendig-um-efail-zu-verhindern-1805-134472.html

there are other bugs as well, again in connection with html
(link is in german language, but google translate gives ok
results).
Posted on RetroBBS II

Re: PGP is not longer safe!

<pe6o88$ki8$1@def3.retrobbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=99&group=rocksolid.shared.encryption#99

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!def3!.POSTED!not-for-mail
From: guest@anonymous.com (guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Thu, 24 May 2018 18:11:52 +0200
Organization: Dancing elephants.
Lines: 8
Message-ID: <pe6o88$ki8$1@def3.retrobbs.com>
References: <pe4gd8$ub8$1@novabbs.com>
Reply-To: guest <guest@anonymous.com>
NNTP-Posting-Host: 10.0.2.2
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: def3.retrobbs.com 1527178313 21064 10.0.2.2 (24 May 2018 16:11:53 GMT)
X-Complaints-To: usenet@def3.retrobbs.com
NNTP-Posting-Date: Thu, 24 May 2018 16:11:53 +0000 (UTC)
User-Agent: FUDforum 3.0.8
X-FUDforum: 06f8078bfca7e7bab849b374a69a9c1e <1839>
 by: guest - Thu, 24 May 2018 16:11 UTC

If CryptoCat was good enough for Snowden-Guardian
communication why bother with Apple Mail. This flaw is
exacerbated by the fact that emails are not signed to see if
they were tampered with. You can decrypt and encrypt from
your file manager (Nautilus has an extension). You can
check a free account with Zimbra Java at mail.unseen.is
highly recommended for small things 20MB max storage.
Posted on: def3.i2p

Re: PGP is not longer safe!

<174aa49b9d44362f73708c4a5@def4.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=100&group=rocksolid.shared.encryption#100

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!def3!.POSTED.localhost!not-for-mail
From: anon@anon.com (anon)
Newsgroups: rocksolid.shared.encryption
Message-ID: <174aa49b9d44362f73708c4a5@def4.com>
Subject: Re: PGP is not longer safe!
Date: Sat, 26 May 2018 22:51:35+0000
Organization: def4
In-Reply-To: <pe6o88$ki8$1@def3.retrobbs.com>
References: <pe6o88$ki8$1@def3.retrobbs.com>
Lines: 6
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
 by: anon - Sat, 26 May 2018 22:51 UTC

What Snowden did on the technical side cannot be done by John Doe. It would be nice to have safe-by-default for average people.

Posted on def4.i2p

Re: PGP is not longer safe!

<peklni$4rt$1@novabbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=101&group=rocksolid.shared.encryption#101

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.localhost!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Tue, 29 May 2018 22:54:42 +0000
Organization: RetroBBS II
Lines: 507
Message-ID: <peklni$4rt$1@novabbs.com>
References: <174aa49b9d44362f73708c4a5@def4.com>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 29 May 2018 22:54:42 -0000 (UTC)
Injection-Info: novabbs.com; posting-host="localhost:127.0.0.1";
logging-data="4989"; mail-complaints-to="usenet@novabbs.com"
User-Agent: FUDforum 3.0.7
X-FUDforum: d41d8cd98f00b204e9800998ecf8427e <286096>
 by: Guest - Tue, 29 May 2018 22:54 UTC

and the next fuckup, this time not as bad, but without
involvement of html:

https://neopg.io/blog/encryption-spoof/

Not everything that looks encrypted, is encrypted
2018-05-28

I found out that it is possible to create a message that
looks encrypted in GnuPG and many email clients, but where
the plaintext is actually not protected at all.

Thanks to Fabian Ising and Simon Friedberger for
discussions!

Before I start, let's take a look at the problem. The
following image consists of screenshots of:

Earlybird 52.7.0 with Enigmail 2.0.4 (20180516-1359,
NixOS),
Evolution 3.28.2 (Fedora),
Mutt 1.9.5 (NixOS), and
Outlook 2007/Gpg4win 3.1.1 (Windows 10).

It shows the rendering of a simple text email in the
PGP/Inline format (so no MIME or HTML is involved). It looks
exactly as if the email is encrypted to the recipient. But
in fact everything highlighted red in this image is a total
lie - the result of a willful manipulation of the message by
the sender. Let's call this special message the cake
message, or short: the cake.

Enigmail 2.0.4

Evolution 3.28.2

Mutt 1.9.5

Gpg4win 3.1.1

I promise you that nothing in the cake is encrypted (you
will see later that except for Outlook this is literally
true - the encrypted content of the cake is exactly 0
bytes). I also promise you that this output is exactly the
same as if the content were properly encrypted.

This bug is certainly not in the same category as a serious
security vulnerability, such as a plaintext leak or a
signature spoof. But it is confusing and hazardous, so it
should be fixed. The handling of the cake message also
violates the OpenPGP standard. More importantly, analyzing
the bug helps to understand why OpenPGP is difficult to
implement, and why it is particularly difficult to implement
OpenPGP support using GnuPG.

At the end, I hope that you will understand more about the
OpenPGP standard, the mechanics inside GnuPG, and why the
NeoPG project wants to provide a modern and extensible
programming interface for applications based on OpenPGP.
Investigating the cake

At first glance, the cake message looks perfectly innocent.
But, assuming that somehow your suspicion is raised, let's
play Sherlock Holmes and investigate a bit further what is
going on.

As power users, we turn to the command line and see if we
can get some more information about the ciphertext of the
cake message:

$ cat cake | gpg
gpg: WARNING: no command supplied. Trying to guess what you
mean ...
gpg: encrypted with 2048-bit RSA key, ID 66489556790B2E8E,
created 2018-03-25
"twitter://lambdafu"
This is fine!

Nope, the above output is perfectly normal for an encrypted
file. Adding --verbose doesn't change that either. But if we
check out the binary content of the cake message, we can see
that it contains the plaintext in unencrypted form:

$ cat cake | gpg --dearmor | strings
This is fine!

Modifying this string in the cake shows that the
"decryption" output changes as well, proving that it comes
from the unprotected plaintext part of the cake. Maybe we
can find out more by listing the OpenPGP packets in the cake
using a debugging feature of GnuPG:

$ cat msg | gpg --list-packet
gpg: encrypted with 2048-bit RSA key, ID 66489556790B2E8E,
created 2018-03-25
"twitter://lambdafu"
# off=0 ctb=85 tag=1 hlen=3 plen=268
:pubkey enc packet: version 3, algo 1, keyid
66489556790B2E8E
data: [2048 bits]
# off=271 ctb=d2 tag=18 hlen=2 plen=33 new-ctb
:encrypted data packet:
length: 33
mdc_method: 2
# off=306 ctb=cb tag=11 hlen=2 plen=20 new-ctb
:literal data packet:
mode b (62), created 0, name="",
raw data: 14 bytes

Each packet is introduced with a comment line (#) indicating
the offset in the file, the ctb and tag, as well as the
header and packet length. If you look very carefully here,
you can figure out the solution.

Solution: The encrypted data packet starts at offset 271 and
spans 2+33 bytes, so it ends just before offset 306. The
literal data packet follows at offset 306. This means that
the encrypted data packet is not covering the literal data
packet at all!

In comparison, this would be part of the output of a
properly encrypted file:

... (as before up to the encrypted data packet) ...
# off=271 ctb=d2 tag=18 hlen=2 plen=55 new-ctb
:encrypted data packet:
length: 55
mdc_method: 2
# off=284 ctb=cb tag=11 hlen=2 plen=20 new-ctb
:literal data packet:
mode b (62), created 0, name="",
raw data: 14 bytes

Here, the literal data packet starts at offset 284 and spans
2+20 bytes, so it ends just before 306. It is completely
contained within the encrypted data packet, which goes up to
byte 328.

This solution raises new questions:

What does the OpenPGP standard require of an encrypted
message? Is the above message well-formed?
How does GnuPG process the message? What other methods
are there to figure out the solution beside --list-packets?
Why do the email clients render the message as if it
were encrypted?
Are there related issues in other parts of the system,
known or unknown?
How can we craft such a message using standard tools?

The OpenPGP message format

OpenPGP, at its core, is a packet based format. A packet
has:

a type (tag),
a length (encoded in one of several formats),
and some content (of the given length).

The content of a packet can be unstructured (such as plain
text or file data) or structured (with fields of fixed or
variable size). Sometimes, a packet can again contain a
sequence of OpenPGP packets. The encrypted data packet is
such a packet, containing usually a compressed data packet
that itself contains a plaintext data packet, but there are
other possibilities.

Here is the composition of a simple, encrypted message
without compression (compare with the output of
--list-packets above):

offset content
0 Public-Key Encrypted Session Key Packet
271 Encrypted Data Packet [
284 Literal Data Packet ]
306 End of file

In contrast, the composition of the cake is slightly
different, moving the literal data packet from inside the
encrypted packet to the outside following it:

offset content
0 Public-Key Encrypted Session Key Packet
271 Encrypted Data Packet []
306 Literal Data Packet
328 End of file

Message composition

In OpenPGP, exported keys, messages, and detached signatures
are all specified as sequences of packets of certain types,
in a particular order. Section 11 of RFC4880 specifies the
composition of a message. For our example, we only need a
small part of the complete specification:

OpenPGP Message :- Encrypted Message | Literal Data
Packet.

Encrypted Message :- Public-Key Encrypted Session Key
Packet, Encrypted Data Packet.

In addition, decrypting an Encrypted Data Packet must
yield a valid
OpenPGP Message.

If read carefully, the OpenPGP standard actually allows an
arbitrary number of nested Encrypted Data packets, but this
seems to be a sloppy oversight, as there is no indication of
any use case for this possibility. The standard does not
specify any uppper limit on the depth of the recursion
(GnuPG caps it arbitrarily at MAX_NESTING_DEPTH=32), and for
compressed data packets this has lead to problems in the
past).
The cake is not well-formed

In any case, the normal message above is well-formed, given
the following productions for the message:

OpenPGP Message
-> Encrypted Message
-> Public-Key Encrypted Session Key Packet, Encrypted Data
Packet

And the following productions for the decrypted data
packet:

OpenPGP Message
-> Literal Data Packet

However, the cake is not well-formed, and there are two
reasons for that.

First, there is no production that creates both an encrypted
data packet and a literal data packet from a single OpenPGP
Message at the same level of nesting.

Second, the Encrypted Data Packet must form a valid OpenPGP
Message after decryption, but in fact it is the zero-length
string, which is not a valid OpenPGP Message at all.
GnuPG should do more input validation

As we have seen, the cake message is not well-formed, and
that would be a good reason for GnuPG to reject it with an
error and reject the decryption result. Instead, it will
happily process what we identified as a sequence of two
OpenPGP messages: one encrypted message, which is
responsible for creating the perception of a fully encrypted
message, and a plaintext message for the actual unprotected
payload.

The truth is that GnuPG already tries to protect against
this kind of problem. Since version 1.4.7, GnuPG is supposed
to stop processing when encountering more than one message
in the input, unless the option --allow-multiple-messages is
given. Unfortunately, the option is a bit of a misnomer. The
actual implementation does not check the number of messages,
but the number of plaintext packets in the input, which, in
case of the cake message, is exactly one. Apparently the
case of a completely empty encrypted data packet was not
considered at the time.


Click here to read the complete article
Re: PGP is not longer safe!

<55a7222bc0d7f20f2be289c733019797$1@retrobbs.rocksolidbbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=102&group=rocksolid.shared.encryption#102

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.retrobbs!not-for-mail
From: anonuser@retrobbs.rocksolidbbs.com.remove-lj5-this (AnonUser)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Wed, 30 May 2018 09:07:17 -0700
Organization: RetroBBS
Message-ID: <55a7222bc0d7f20f2be289c733019797$1@retrobbs.rocksolidbbs.com>
References: <peklni$4rt$1@novabbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: novabbs.com; posting-host="retrobbs:10.128.3.129";
logging-data="13459"; mail-complaints-to="usenet@novabbs.com"
To: Guest
X-Comment-To: Guest
In-Reply-To: <peklni$4rt$1@novabbs.com>
X-FTN-PID: Synchronet 3.17a-Linux Feb 20 2018 GCC 6.3.0
X-Gateway: retrobbs.rocksolidbbs.com [Synchronet 3.17a-Linux NewsLink 1.108]
 by: AnonUser - Wed, 30 May 2018 16:07 UTC

To: Guest
Guest wrote:

> and the next fuckup, this time not as bad, but without
> involvement of html:

> https://neopg.io/blog/encryption-spoof/

> Not everything that looks encrypted, is encrypted
> 2018-05-28

> ...

It looks like this allows someone to send a message that appears to be
encrypted, but is not. Am I reading that right? Or is there more to it
than that?

Not that it's not a problem just wonder if I'm missing something beyond
that.

Posted on RetroBBS.
--- Synchronet 3.17a-Linux NewsLink 1.108
Posted on RetroBBS

Re: PGP is not longer safe!

<penvu2$ia5$1@novabbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=103&group=rocksolid.shared.encryption#103

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.localhost!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Thu, 31 May 2018 05:07:14 +0000
Organization: RetroBBS II
Lines: 1
Message-ID: <penvu2$ia5$1@novabbs.com>
References: <55a7222bc0d7f20f2be289c733019797$1@retrobbs.rocksolidbbs.com>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Thu, 31 May 2018 05:07:14 -0000 (UTC)
Injection-Info: novabbs.com; posting-host="localhost:127.0.0.1";
logging-data="18757"; mail-complaints-to="usenet@novabbs.com"
User-Agent: FUDforum 3.0.7
X-FUDforum: d41d8cd98f00b204e9800998ecf8427e <289015>
 by: Guest - Thu, 31 May 2018 05:07 UTC

no, that is it. the problem is smaller than the others, but
still bad for somebody who really needs encryption.
Posted on RetroBBS II

Re: PGP is not longer safe!

<pfitap$uve$1@novabbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=106&group=rocksolid.shared.encryption#106

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.localhost!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Sun, 10 Jun 2018 10:08:25 +0000
Organization: RetroBBS II
Lines: 9
Message-ID: <pfitap$uve$1@novabbs.com>
References: <penvu2$ia5$1@novabbs.com>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 10 Jun 2018 10:08:25 -0000 (UTC)
Injection-Info: novabbs.com; posting-host="localhost:127.0.0.1";
logging-data="31726"; mail-complaints-to="usenet@novabbs.com"
User-Agent: FUDforum 3.0.7
X-FUDforum: d41d8cd98f00b204e9800998ecf8427e <311080>
 by: Guest - Sun, 10 Jun 2018 10:08 UTC

and a third hole, this time in gpg:

" By using a made up file name in the message it is possible
to fake status messages.
Using this technique it is for example possible to fake the
verification status of a signed mail."

Ok, so it is not the apocalypse, but still annoying.

https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
Posted on RetroBBS II

Re: PGP is not longer safe!

<de8a02627692f9185c845a633614c9e7$1@retrobbs.i2p>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=107&group=rocksolid.shared.encryption#107

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.retrobbs!not-for-mail
From: anonuser@retrobbs.rocksolidbbs.com.remove-yda-this (AnonUser)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Sun, 10 Jun 2018 11:05:29 -0700
Organization: RetroBBS
Message-ID: <de8a02627692f9185c845a633614c9e7$1@retrobbs.i2p>
References: <pfitap$uve$1@novabbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: novabbs.com; posting-host="retrobbs:10.128.3.129";
logging-data="16777"; mail-complaints-to="usenet@novabbs.com"
To: Guest
X-Comment-To: Guest
In-Reply-To: <pfitap$uve$1@novabbs.com>
X-FTN-PID: Synchronet 3.17a-Linux Feb 20 2018 GCC 6.3.0
X-Gateway: retrobbs.rocksolidbbs.com [Synchronet 3.17a-Linux NewsLink 1.108]
 by: AnonUser - Sun, 10 Jun 2018 18:05 UTC

To: Guest
Guest wrote:

> and a third hole, this time in gpg:

> " By using a made up file name in the message it is possible
> to fake status messages.
> Using this technique it is for example possible to fake the
> verification status of a signed mail."

> Ok, so it is not the apocalypse, but still annoying.

> https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
> Posted on RetroBBS II

Annoying and could be deceptive to some users. There will always be bugs
but it's good to see them be addressed.

Posted on RetroBBS
--- Synchronet 3.17a-Linux NewsLink 1.108
Posted on RetroBBS

Re: PGP is not longer safe!

<pfm6lj$tfv$1@novabbs.com>

 copy mid

https://rocksolidbbs.com/rocksolid/article-flat.php?id=108&group=rocksolid.shared.encryption#108

 copy link   Newsgroups: rocksolid.shared.encryption
Path: rocksolid2!.POSTED.localhost!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.encryption
Subject: Re: PGP is not longer safe!
Date: Mon, 11 Jun 2018 16:06:11 +0000
Organization: RetroBBS II
Lines: 1
Message-ID: <pfm6lj$tfv$1@novabbs.com>
References: <de8a02627692f9185c845a633614c9e7$1@retrobbs.i2p>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 11 Jun 2018 16:06:11 -0000 (UTC)
Injection-Info: novabbs.com; posting-host="localhost:127.0.0.1";
logging-data="30207"; mail-complaints-to="usenet@novabbs.com"
User-Agent: FUDforum 3.0.7
X-FUDforum: d41d8cd98f00b204e9800998ecf8427e <313636>
 by: Guest - Mon, 11 Jun 2018 16:06 UTC

for this case you are right, in the version (2.2.8) this is
fixed. fast reaction.
Posted on RetroBBS II

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor