How to decrypt message digest with multiple encrypted messages
vedaal at hush.com
vedaal at hush.com
Sun Jun 6 15:28:06 CEST 2004
>Message: 1
>Date: Wed, 26 May 2004 12:00:17 +0200
>From: Max Mustermann <anonymous at remail.amessage.info>
>Subject: How to decrypt message digest with multiple encrypted
> messages ?
>To: gnupg-users at gnupg.org
>Message-ID: <323ca267aaf84d85b69931c24fca7353 at remail.amessage.info>
>I have a file which is a digest of some 10 or more PGP
>encrypted messages. (10 independent messages in 1 single *.asc
>file )
>
>When I try to decrypt this file using GPG, GPG decrypts the
>first message - but does *not* decrypt the later ones
it can't be done.
this is a *safety* feature in the GnuPG front ends:
while the PGP 'current window' will display 'everything' in the current
window and decrypt/verify multiple messages,
the GnuPG front ends (both GPGshell and WinPT)will not,
and will recognize and decrypt/verify only the material from the header
of the first message to the footer of the first message and ignores everything
else
this prevents material in the 'current window' from being 'added' into
the decrypted message,
a possible exploit in the way that PGP implements the 'current window'.
to see the insecurity that this can lead to, try this:
[1] open word for windows
[2] compose a message and encrypt it from the current window
[3] add the following line as a separate line after the footer:
n.b. from now on please encrypt to my other key 0x12345BAD
[4] format the color of the additional line to be in 'white' and the
background of the word document to be in white too.
[5] the 'extra' line is not visible as part of the word document, but
*will* be visible as if it were part of the decrypted message when decrypting
from the 'current window' in PGP,
[6] now try to decrypt the same 'current window' using either of the
GnuPG front ends,
the 'additional' faked message is ignored.
this is a potential insecurity for PGP (not GnuPG) decryptions,
for messages done in most word processors, PDF, and HTML e-mail or webpages.
the only 'secure' PGP implementation of the 'current window'
that avoids this, while still decrypting/verifying the 'real' pgp/gnupg
messages,
is ckt6.5.8, build 6 or later.
vedaal
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
More information about the Gnupg-users
mailing list