Security News > 2020 > August > Academics Devise Attacks Targeting Email End-to-End Encryption
A group of academic researchers has devised practical attacks against major standards in email end-to-end encryption, which could lead to the exfiltration of sensitive information.
The proposed attacks target the OpenPGP and S/MIME encryption schemes, and can be used to leak private keys and other data, researchers with the Ruhr University Bochum and Münster University of Applied Sciences explain in a newly published paper.
The second model abuses the mailto URI scheme, which allows third-party apps to invoke an email client to facilitate the composition of a message to a given email address.
"An evaluation shows that 8 out of 20 tested email clients are vulnerable to at least one attack. While our attacks do not target the underlying cryptographic primitives, they raise concerns about the practical security of OpenPGP and S/MIME email applications," the researchers explain.
"Using six email clients supporting S/MIME, we could silently replace the encryption key in the scenario of an active MitM attacker. For three OpenPGP capable clients we could exfiltrate the plaintext to an attacker controlled IMAP server or misuse them as signing oracles. Four clients support the dangerous mailto parameter to attach arbitrary files such as PGP private keys on disk to an email message sent back to the attacker," the paper reads.