sign encrypted emails

Hauke Laging mailinglisten at hauke-laging.de
Fri Jan 3 06:35:28 CET 2014


Hello,

this is not a GnuPG problem. GnuPG is capable of doing what I want. But I am 
interested in your opinion.

I just noticed that you can easily be deluded about an email being encrypted: 
That you receive an encrypted mail does not mean that it was sent encrypted. 
An adversary may encrypt a non-encrypted message (which he has intercepted) in 
order to create more trust in the message for the recipient: If you receive 
critical information and are aware that it has not been encrypted then you may 
react differently from the case where you are sure that is was encrypted.

Or similar: A message is encrypted to a low security key which has been 
compromised (unnoticed by the recipient). The adversary decrypts the message 
ans reencrypts it to a more secure key.

This can be detected by asking the sender (which noone would do every time) or 
by signing the encrypted message (this may mean that you sign it twice: once 
before and once after encryption).

I would like to ask mail client developers to add this feature. But before I 
would like to hear opinions whether that makes sense.

>From the RfC perspective (PGP/MIME) this should not be a problem; you just 
need another level of nesting. Maybe the mail clients are not even prepared 
for reading such messages. That would not surprise me but would not be an 
argument against one client implementing this as the first one. I am 
interested in general arguments for and against this.

I have tried to create a test file. Unfortunately I am not sure whether I have 
done that correctly. I am familiar with checking MIME signatures with gpg 
directly but creating a message is a different story:

http://www.crypto-fuer-alle.de/docs/sign-encrypt-sign/demo.mbox

KMail ignores the outer signature layer in its main window but shows the 
structure correctly in the lower part of the window. That could mean that my 
file is correct but KMail not prepared to display it correctly.

Enigmail tells me that might be a signed message but doesn't show anything.

If I encrypt some text manually and paste it as body content in a PGP/MIME 
mail which gets signed and encrypted then KMail shows all three layers in its 
main window. This could indicate that KMail is capable of handling three 
layers but that my test file is incorrect.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140103/e8fa2ca2/attachment.sig>


More information about the Gnupg-users mailing list