2018/06/15: Article about the SigSpoof vulnerability which makes it possible for attackers to fake digital signaturesRead more
2018/05/14: Article reviewing the story of the EFAIL vulnerabilities concerning PGP encrypted emailRead more
2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more
2019/03/12: Federal Chancellery official press release about the flaws found in the Swiss Post e-voting system. The Federal Chancellery calls for Swiss Post to review and improve it's system's security process and "will review the relevant certification and authorization procedures." The...Read more
2018/05/14: Article on the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more
2018(05/14: Article criticizing the handling of the EFAIL vulnerabilities disclosureRead more
2019/03/12 : Report of researchers who found a vulnerability in the SwissPost e-voting shuffle. The trapdoor commitment scheme allows an undetectable vote manipulation.
EFAIL Usenix paper, released (in a draft version) on may 14, 2018 due to embargo break. It describes the EFAIL attacks (technique: malleability gadgets) to reveal plaintext of emails encrypted with S/MIME and OpenPGP.Read more
2018/05/22: Article analyzing and answering questions linked to the EFAIL vulnerabilitiesRead more