New paper on how to fix #efail style attacks against e2e encrypted email, including OpenPGP and S/MIME. Joint work with @JoergSchwenk @lambdafu @dues__ @jensvoid @jurajsomorovsky @seecurity. To be presented at @acm_ccs 2020. Thread: One central problem of email e2ee is that neither MIME structure nor header fields are protected from modification. Attackers can send modified ciphertexts, can send ciphertexts with crafted MIME structures or can add or remove headers such as FROM, RCPT TO or SUBJECT at will.

New Paper: “Practical Decryption exFiltration: Breaking PDF Encryption“ describing new attacks that uncover the plaintext of encrypted PDFs. To be presented at @acm_ccs and joint work with @jensvoid @Murgi @v_mladenov @CheariX @JoergSchwenk. #PDFex 1/n @acm_ccs @jensvoid @Murgi @v_mladenov @CheariX @JoergSchwenk Do you remember the efail.de attacks against S/MIME and OpenPGP encrypted emails? It’s basically that but against encrypted PDFs. Paper: pdf-insecurity.org. #PDFex 2/n

We'll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. #efail 1/4 There are currently no reliable fixes for the vulnerability. If you use PGP/GPG or S/MIME for very sensitive communication, you should disable it in your email client for now. Also read @EFF’s blog post on this issue: eff.org/deeplinks/2018… #efail 2/4