


Email Encryption With PGP May Have a Serious Flaw

Encrypting your emails with PGP or S/MIME may no longer be the most secure option.

In certain situations, you can break the encryption and reveal the contents of your supposedly private emails, according to a team of researchers in Europe, who published a paper detailing how to pull plain text from emails secured with PGP or S/MIME encryption.

The researchers dubbed the flaw "EFail," and say it affects over a dozen email clients, such as Apple Mail, Microsoft's Outlook, and Thunderbird, which either support a plugin tool or use a native standard for their encryption.

EFail Email Services

To exploit the flaw, you need a copy of the victim's encrypted emails. The researchers discovered you can actually alter the encrypted email with some computer code to trigger an HTML process that'll decrypt it.

"In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plain text through requested URLs," the researchers write.

Once altered, the encrypted email can be sent back to the victim's email client, which will mistakenly decrypt the contents inside and send the data to the attacker's server via a URL request.
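As an added illustration (not code from the researchers or the original article), this Python check lists the URLs an HTML mail body would make a client request while rendering, which is the channel the quote above describes and the reason clients offer a "block remote content" setting. The sample body, hostnames and the `remote_loads` helper are constructed for this example.

```python
import re
from html.parser import HTMLParser

# Attributes a mail client may fetch while rendering (illustrative, not exhaustive).
FETCH_ATTRS = {"src", "href", "background", "poster"}
CLICK_ONLY = {("a", "href"), ("area", "href")}  # followed on click, not on render
CSS_URL = re.compile(r"url\(\s*['\"]?([^'\")\s]+)", re.I)
REMOTE = re.compile(r"(?:https?:)?//", re.I)

class RemoteLoadFinder(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hits, self._in_style = [], False

    def handle_starttag(self, tag, attrs):
        self._in_style = tag == "style" or self._in_style
        for name, value in attrs:
            value = (value or "").strip()
            if name == "style":  # inline CSS can also pull remote resources
                self._scan_css(tag, value)
            elif name in FETCH_ATTRS and (tag, name) not in CLICK_ONLY and REMOTE.match(value):
                self.hits.append((tag, value))

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        if self._in_style:  # contents of a <style> element
            self._scan_css("style", data)

    def _scan_css(self, tag, css):
        self.hits += [(tag, u) for u in CSS_URL.findall(css) if REMOTE.match(u)]

def remote_loads(html):
    """Return (tag, url) pairs that would cause a network request on render."""
    finder = RemoteLoadFinder()
    finder.feed(html)
    finder.close()
    return finder.hits

# Constructed sample body; hostnames are placeholders.
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" href="https://mail-assets.example.invalid/s.css">
<style>body { background: url('//cdn.example.invalid/bg.png') }</style>
</head><body>
<p>Numbers attached. <a href="https://intranet.example.invalid/q3">Open</a></p>
<img src="http://tracker.example.invalid/pixel?id=42">
<img src="cid:logo@local">
<div style="background-image:url(https://img.example.invalid/x.gif)">hi</div>
</body></html>"""
```

A non-empty result means the message cannot be rendered without contacting a third-party server; the clickable link and the embedded `cid:` image are not reported because neither is fetched remotely on display.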

The researchers warn that journalists, political activists, and whistleblowers face the most risk from the flaw; for years, PGP has been a go-to tool to secure sensitive emails with a form of end-to-end encryption, with S/MIME acting as an alternative. In contrast, mainstream email clients only process and store your messages using plain text.

That said, PGP isn't exactly popular. The encryption standard was developed in 1991 and means "Pretty Good Privacy." Still, it's notoriously difficult to use. Even PGP's original developer reportedly avoids it.

Critics have also been quick to cast doubt on the severity of the EFail vulnerability, noting that the hack isn't easy to pull off.

The security flaw may also represent more of a problem with PGP implementation than any issues with the encryption standard. For instance, ProtonMail, an email client that supports a version of PGP, is not affected.

"The real vulnerability is implementation errors in various PGP clients," ProtonMail tweeted on Monday. Headlines claiming "PGP is vulnerable" are inaccurate, the email service added.

Werner Koch, the developer behind GNU Privacy Guard (GnuPG), an open-source PGP software suite, was also critical of the research. "It is long known that HTML mails and in particular external links ... are evil," he wrote on Monday.

The Electronic Frontier Foundation, on the other hand, is urging users to disable or uninstall PGP email plugins until the EFail threat is more widely understood. "Instead, use non-email based messaging platforms, like Signal, for your encrypted messaging needs. Use offline tools to decrypt PGP messages you have received in the past," the group said.

The EFF also notes that the EFail vulnerability will probably spark debate over the security around both encryption standards. But in the meantime, affected email clients are preparing patches to address the flaw.

The Thunderbird project told PCMag it's already testing a fix that it expects to roll out at the end of the week. GPGTools, another provider of the encryption software, also said an update is coming this week to mitigate the flaw.

For PGP users, the researchers created a page with more information on how you can protect yourself from the EFail threat. They warn that the flaw won't be fully fixed until the IT community updates the PGP and S/MIME standards.

Source: https://sea.pcmag.com/news/21127/email-encryption-with-pgp-may-have-a-serious-flaw

Posted by: walkerthaster.blogspot.com
