Re: “Johnny, you are fired!” – Balsa test results
Hi Albrecht,

On 05/05/2019 08:36:14 AM Sun, Albrecht Dreß wrote:
Hi all,

this week an interesting paper about attacks against MUAs supporting OpenPGP and S/MIME signatures has been 
published [1].  Instead of attacking the crypto layer, the authors show methods for spoofing digital 
signatures.  Opening the proof-of-concept messages available from the authors [2] in Balsa unfortunately 
shows some vulnerabilities which I will try to fix as soon as possible.  Note that the multipart/signed PGP 
samples are not recognised by Balsa as they miss the required 'micalg' parameter [3]; I added it for my tests.

A brief summary of the test results, running the latest Balsa master build on Ubuntu 18.04 LTS, which comes 
with gpg 2.2.4, gpgsm 2.2.4 and gpgme 1.100:

- Perfect forgery: C2
- Partial forgery: I1, I2, I3
- Weak forgery: M3 (inline PGP only), M4 (inline PGP only), U1
- Not vulnerable: C1, C3, C4, G1, G2, M1, M2, M3 (multipart/signed only), M4 (multipart/signed only)

Cheers,
Albrecht.
…

Thanks for testing Balsa on these attacks! Will look forward to patches 😁️

Best,

Peter

Attachment: pgp0SOKElVmJb.pgp
Description: PGP signature
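The note above about the proof-of-concept samples lacking the 'micalg' parameter illustrates the structural checks a MUA has to perform on a multipart/signed container before it hands anything to the signature verifier. The following is an added example, not Balsa's code and not part of this thread: a small Python checker, using only the standard library, that validates the RFC 3156 PGP/MIME container shape (top-level multipart/signed, protocol and micalg parameters, exactly two parts, the second being the detached signature). The two messages embedded in it are constructed samples; the signature bodies are placeholders, since the point here is container structure rather than cryptographic verification.

```python
from email import message_from_string
from email.policy import default

# Constructed sample: a well-formed PGP/MIME multipart/signed message
# (RFC 3156 section 5). The signature block is a placeholder, not real data.
GOOD_MSG = """\
From: alice@example.com
To: bob@example.com
Subject: test
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="b1"

--b1
Content-Type: text/plain; charset=us-ascii

Hello Bob
--b1
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
(placeholder signature data in this constructed sample)
-----END PGP SIGNATURE-----
--b1--
"""

# Constructed sample: identical, but the required micalg parameter is absent,
# which is the defect Albrecht describes for the proof-of-concept messages.
MISSING_MICALG_MSG = GOOD_MSG.replace("micalg=pgp-sha256;\n ", "")


def check_multipart_signed(raw: str) -> list[str]:
    """Return a list of structural problems found in a PGP/MIME message.

    An empty list means the message is a well-formed multipart/signed
    container and may be passed on to signature verification. Any entry
    means the message must NOT be displayed as signed.
    """
    problems: list[str] = []
    msg = message_from_string(raw, policy=default)

    if msg.get_content_type() != "multipart/signed":
        return ["top-level Content-Type is not multipart/signed"]

    # Both parameters are mandatory for multipart/signed (RFC 1847 / RFC 3156).
    protocol = msg.get_param("protocol")
    micalg = msg.get_param("micalg")
    if protocol != "application/pgp-signature":
        problems.append(
            f"protocol parameter is {protocol!r}, expected 'application/pgp-signature'"
        )
    if micalg is None:
        problems.append("required micalg parameter is missing")
    elif not str(micalg).lower().startswith("pgp-"):
        problems.append(f"micalg {micalg!r} is not a pgp-* value")

    # The container must hold exactly two parts: the signed body and the
    # detached signature, in that order.
    parts = list(msg.iter_parts())
    if len(parts) != 2:
        problems.append(f"expected exactly 2 body parts, found {len(parts)}")
        return problems
    if parts[1].get_content_type() != "application/pgp-signature":
        problems.append("second part is not application/pgp-signature")

    return problems


if __name__ == "__main__":
    for label, sample in (("good", GOOD_MSG), ("missing micalg", MISSING_MICALG_MSG)):
        print(label, "->", check_multipart_signed(sample) or "ok")
```

Run as a script it reports the well-formed sample as ok and lists the missing micalg on the second one. The design choice worth noting for a MUA is the fail-closed return: any non-empty result means the message is rendered as unsigned, rather than falling back to a looser parse that might let a crafted container reach the verifier.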


