“Johnny, you are fired!” – Spoofing OpenPGP and S/MIME Signatures in Emails

  • OpenPGP and S/MIME are the two major standards to encrypt and digitally sign emails. Digital signatures are supposed to guarantee authenticity and integrity of messages. In this work we show practical forgery attacks against various implementations of OpenPGP and S/MIME email signature verification in five attack classes: (1) We analyze edge cases in S/MIME’s container format. (2) We exploit in-band signaling in the GnuPG API, the most widely used OpenPGP implementation. (3) We apply MIME wrapping attacks that abuse the email clients’ handling of partially signed messages. (4) We analyze weaknesses in the binding of signed messages to the sender identity. (5) We systematically test email clients for UI redressing attacks. Our attacks allow the spoofing of digital signatures for arbitrary messages in 14 out of 20 tested OpenPGP-capable email clients and 15 out of 22 email clients supporting S/MIME signatures. While the attacks do not target the underlying cryptographic primitives of digital signatures, they raise concerns about the actual security of OpenPGP and S/MIME email applications. Finally, we propose mitigation strategies to counter these attacks.

Metadata
Author:Jens Müller, Marcus Brinkmann, Damian Poddebniak, Hanno Böck, Sebastian Schinzel, Juraj Somorovsky, Jörg Schwenk
URL:https://www.usenix.org/conference/usenixsecurity19/presentation/muller
Parent Title (German):28th Usenix Security Symposium, Santa Clara, CA, USA
Document Type:Conference Proceeding
Language:German
Date of Publication (online):2019/05/21
Year of first Publication:2019
Publishing Institution:Fachhochschule Münster - University of Applied Sciences
Release Date:2019/05/21
Last Page:18
Faculties:Elektrotechnik (ETI)
Publication list:Schinzel, Sebastian
Licence (German):Bibliographic data