Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

PDF Document

It appears your Web browser is not configured to display PDF files. Download adobe Acrobat or click here to download the PDF file.

License

Creative Commons Licence

Creator(s)

Damian Poddebniak
Christian Dresen
Jens Müller
Fabian Ising
Sebastian Schinzel
Simon Friedberger
Juraj Somorovsky
Jörg Schwenk

Contributors

Sylvain Besençon
Audrey Varone

Contributed date

May 14, 2018 - 3:17pm

Critical Commentary

EFAIL Usenix paper, released (in a draft version) on may 14, 2018 due to embargo break. It describes the EFAIL attacks (technique: malleability gadgets) to reveal plaintext of emails encrypted with S/MIME and OpenPGP.

Source

https://www.usenix.org/conference/usenixsecurity18/presentation/poddebniak

Group Audience

Tags

Efail
OpenPGP
S/MIME
vulnerability disclosure
security vulnerability
attack
cheating proof
Need help with PECE?
Join the PECE Slack channel