PGP flaw found by Czech firm allows dig sig to be forged
aluger at hushmail.com
Thu Mar 22 14:58:21 PST 2001
At Wed, 21 Mar 2001 23:01:56 -0500, "Phillip Hallam-Baker" <hallam at ai.mit.edu>
wrote:
>
>The report is incorrect in stating that PGP is the most popular email
>security package, there are 100 million copies of S/MIME enabled
>email applications in use.
And how many of those "in use" applications actually USE the S/MIME feature?
I love the creative accounting practice that makes this argument.
>
> Phill
>
>> -----Original Message-----
>> From: owner-fight-censorship at vorlon.mit.edu
>> [mailto:owner-fight-censorship at vorlon.mit.edu]On Behalf Of Declan
>> McCullagh
>> Sent: Wednesday, March 21, 2001 1:36 PM
>> To: cypherpunks at cyberpass.net; cryptography at c2.net
>> Cc: fight-censorship at vorlon.mit.edu
>> Subject: PGP flaw found by Czech firm allows dig sig to be forged
>>
>>
>>
>>
>> http://www.wired.com/news/politics/0,1283,42553,00.html
>>
>> Your E-Hancock Can Be Forged
>> by Declan McCullagh (declan at wired.com)
>> 10:20 a.m. Mar. 21, 2001 PST
>>
>>   WASHINGTON -- A Czech information security firm has found a flaw in
>>   Pretty Good Privacy that permits digital signatures to be forged in
>>   some situations.
>>
>>   Phil Zimmermann, the PGP inventor who's now the director of the
>>   OpenPGP Consortium, said on Wednesday that he and a Network Associates
>>   (NETA) engineer verified that the vulnerability exists.
>>
>>   ICZ, a Prague company with 450 employees, said that two of its
>>   cryptologists unearthed a bug in the OpenPGP format that allows an
>>   adversary who breaks into your computer to forge your e-mail
>>   signature.
>>
>> Both Zimmermann and the Czech engineers, Vlastimil Klima and Tomas
>> Rosa, point out that the glitch does not affect messages encrypted
>> with PGP. OpenPGP programs -- including GNU Privacy Guard and newer
>> versions of PGP -- use different algorithms for signing and
>> scrambling, and only the digital signature method is at risk.
>>
>> PGP and its offspring are by far the most popular e-mail encryption
>> programs in the world. Nobody has disclosed a flaw in their
>> message-scrambling mechanisms, but PGP owner Network Associates
>> suffered an embarrassment last August when a German cryptanalyst
>> published a way that allows an attacker to hoodwink PGP into not
>> encoding secret information properly.
>>
>>   In this case, someone wishing to impersonate you would need to gain
>>   access to your secret key -- usually stored on a hard drive or a
>>   floppy disk -- surreptitiously modify it, then obtain a message you
>>   signed using the altered secret key. Once those steps are complete,
>>   that person could then digitally sign messages using your name.
>>
>>   "PGP or any program based on the OpenPGP format that does not have any
>>   extra integrity check will not recognize such modification and it will
>>   allow you to sign a message with the corrupted key," says Rosa, who
>>   works at Decros, an ICZ company. Rosa says he demonstrated the
>>   vulnerability with PGP 7.0.3.
>>
>> [...]
>
More information about the cypherpunks-legacy
mailing list