Efail, also written EFAIL, is a security hole in email systems with which content can be transmitted in encrypted form. This gap allows attackers to access the decrypted content of an email if it contains active content like HTML or JavaScript, or if loading of external content has been enabled in the client. Affected email clients include Gmail, Apple Mail, and Microsoft Outlook. Two related Common Vulnerabilities and Exposures (CVE) IDs have been issued. The security gap was made public on 13 May 2018 by Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky and Jörg Schwenk as part of a contribution to the 27th USENIX Security Symposium, Baltimore, August 2018. As a result of the vulnerability, the content of an attacked encrypted email can be transmitted to the attacker in plain text by a vulnerable email client. The encryption keys themselves are not disclosed.


Description

The security gap concerns many common email programs when used with the email encryption systems OpenPGP and S/MIME. An attacker needs access to the attacked email message in its encrypted form, as well as the ability to send an email to at least one regular recipient of this original email. To exploit the security gap, the attacker modifies the encrypted email so that the recipient's email program sends the decrypted content of the email to the attacker: the email to be attacked is wrapped in text prepared by the attacker in a specific way, and the changed email is then sent to one of the regular recipients. The attacker inserts additional text before and after the encrypted text in the encrypted email, thereby turning the message into a multipart/mixed (MIME) message in which the encrypted part appears, together with the MIME boundary markers, as an attribute value of an HTML tag. Example of a modified S/MIME mail:

    ...
    Content-Type: multipart/mixed;boundary="BOUNDARY"
    ...
    --BOUNDARY
    Content-Type: text/html

    --BOUNDARY
    ...

The email client first splits the multipart message into its individual parts using the --BOUNDARY marker and then decrypts the encrypted parts. It then reassembles the multipart message and ends up with a message of this form:

    ...
    Content-Type: multipart/mixed;boundary="BOUNDARY"
    ...
    --BOUNDARY
    Content-Type: text/html

    --BOUNDARY
    ...

This message now contains the decrypted content of the email in the src= attribute of the tag, and when that content is requested the email program passes it as a URL to the web server attacker.chosen.url controlled by the attacker. The attacker can then retrieve the content of the encrypted message from the web server logs.

In a variant of the attack, the attacker uses a vulnerability in the CBC (S/MIME) and CFB (OpenPGP) modes of operation of the encryption algorithms used. This allows the attacker to change the ciphertext by inserting "gadgets". As a side effect of this manipulation, the originally contained plain text becomes illegible; if that plain text is known to the attacker, this can be corrected by inserting additional gadgets. Unknown plain text can be hidden by inserting certain HTML tags. The result is a message with a similar structure to the one described above.


Mitigations

Since the attack targets the content of the email rather than a particular recipient, all recipients must implement the countermeasures. These include:

* Disable active content such as HTML or JavaScript when viewing emails.
* Suppress automatic loading of external content, such as images.

To what extent the senders of encrypted content can also reduce the vulnerability, e.g. by electronic signatures or by restricting themselves to a subset of MIME formats, has not yet been conclusively clarified.


Critique

Announcing the security vulnerability on 13 May 2018, the Electronic Frontier Foundation (EFF) recommended that users stop using any PGP plugins in email programs, even though the vulnerability does not directly relate to PGP but to the configuration of the email program. A coordinated publication had originally been scheduled for 15 May, and the EFF was criticized by various parties for ignoring this. As a consequence, Robert Hansen recommended establishing a closed group or mailing list to better coordinate the publication of future security issues. Still, he saw the EFF and its director Danny O'Brien as the best entity to administer such an "OpenPGP Disclosure Group".

