security vulnerability

Encrypted Email Has a Major, Divisive Flaw (Wired article)

2018/05/14: Article on the story of the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels (draft 0.9.1)

Description of attacks (technique: malleability gadgets) to reveal plaintext of emails encrypted with S/MIME and OpenPGPRead more

Efail or OpenPGP is safer than S/MIME (W. Koch email)

2018/05/14: Werner Koch statement on EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

No, PGP is not broken, not even with the Efail vulnerabilities (2. Hacker News Forum)

2018/05: Reaction to the Prontomail article "No, PGP is not broken, not even with the Efail vulnerabilities" (artifact available) on Hacker News forum : https://cva.unifr.ch/content/no-...Read more

Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext (TheHackerNews article)

2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more

Die wichtigsten Fakten zu Efail (Golem article)

2018/05/22: Article analyzing and answering questions linked to the EFAIL vulnerabilitiesRead more

Knights and Knaves Run Elections: Internet Voting and Undetectable Electoral Fraud (IEEE article)

2019/07/04: Institute of Electrical and Electronics Engineers's article on the vulnerability found in the Swiss Post e-voting system, the security of e-voting systems and how to build a trustworthy e-voting system.

Reference: ...Read more

efail: Outdated Crypto Standards are to blame (Hanno's blog)

2018/05/22: Hanno Böck's thoughts and opinion about the EFAIL vulnerability, OpenPGP and S/MIME,Read more

No, PGP is not broken, not even with the Efail vulnerabilities (1. Prontomail article)

2018/05/15: Article going through why PGP isn't "broken" even though vulnerabilities have been found in it. 

Reaction to this article available here : https://cva.unifr.ch/content/no...Read more

Statement on Efail research (Gpg4win)

2018/05/17: Gpg4win statement regarding the EFAIL vulnerabilities and its media coverageRead more

Subscribe to security vulnerability