Re: Security flaw in PGPverify of INN (fwd)

=====================================Kaos=Keraunos=Kybernetos============== .+.^.+.| Ray Arachelian |Prying open my 3rd eye. So good to see |./|\. ..\|/..|sunder@sundernet.com|you once again. I thought you were |/\|/\ <--*-->| ------------------ |hiding, and you thought that I had run |\/|\/ ../|\..| "A toast to Odin, |away chasing the tail of dogma. I opened|.\|/. .+.v.+.|God of screwdrivers"|my eye and there we were.... |..... ======================= http://www.sundernet.com ========================== ---------- Forwarded message ---------- Date: Tue, 14 Oct 1997 17:34:11 +0200 From: Peter Simons To: BUGTRAQ@NETSPACE.ORG Subject: Re: Security flaw in PGPverify of INN -----BEGIN PGP SIGNED MESSAGE----- I am replying to the "security problem" report in pgpverify written by Lutz Donnerhacke, which has been delivered via several mailing lists, including BUGTRAQ and Best-Of-Security. Normally I'd simply ignore this article, but this is so breath-takingly ridiculous that I have to set a few facts straight. Lutz Donnerhacke wrote:

I was urged to send you the following information. I noticed CERT and tale itself. But tale claims that the problem is not a problem of pgpverify, it's a problem of some krauts trying to send checkgroups monthly using a bot.

The checkgroups mentioned were send since a year. They do not include Date: and Message-ID: because these values were not predictable by the human signer and the bot does not know the passphrase to work with.

In consequence there are checkgroups out there which can be resend at any time causing a lot of trouble, because the signature is still valid even if a new Message-ID: and Date: line are used.

The obvious fix is to modify pgpverify to block such control messages. ftp://ftp.iks-jena.de/pub/mitarb/lutz/ contains the necessary fixes.

This is plain bullshit. pgpverify is working just fine and there's no security leak or malfunction in the script. The real story behind this 'report' is as follows: Lutz is the moderator for the german language de.* USENET hierarchy. One of his duties is to send out regular checkgroups and other control messages. What he did is that he didn't include the Message-Id and Date header into the signature of the control messages that he posted. He only signed headers like From and Subject. So he posted control messages with incomplete signatures for maybe a year, until this was first noticed and publicly addressed by Ralph Babel. The problem with these control messages is that anybody is able to re-post them with a new Message-Id and Date. Due to the correct PGP signature, most INNs will simply execute them, thus deleting all changes in the hierarchy since the checkgroups was posted originally. While this is not a major problem, it certainly is a problem, as all groups that have been created past a certain date can easily be removed, etc... When his mistake became public, he didn't stand up for it and created a new key to start posting correct control messages, rendering the old ones useless, he put the blame on Tale and his script instead. So please don't believe this "security flaw". pgpverify is working just fine and if the responsible person will use PGP correctly, there is no problem at all. -peter -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 iQCVAwUBNEORSw9HL1s0103BAQEgugP9FWJMNivNBqmJElzoQ6pXnwvS6QsbLjQG YrwHzvcYY3CAR7R446gr/WeuxW1JI1t9+yql8TNSvHeEXAX+qgz/ZMCjcjgjg0Pe j0BuVLBBfKuBoxGZDQybRybu3d5Xflqk07W9HjPP0tDtdkUcjndHr2J1Ea/J4zTd QgGNNUoZDFM= =brmw -----END PGP SIGNATURE-----