EFAIL Attacks – How PGP & S/MIME Vulnerability Leaked Encrypted Emails in Plain Text

Researchers finally revealed the Historical Email encryption based EFAIL attacks that can be exploited this brand new serious vulnerability that affected PGP & S/MIME end-to-end encryption technologies.

Researchers already released an earlier warning about this highly critical security flaw in PGP & S/MIME keys and they advised to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email.

Email Based encrypted medium protected using Transport layer security to perform complete confidential communication such as hostile environments which is mainly used by whistleblowers, journalists etc.

This EFAIL attacks can be used to break this additional encryption layer and anyone getting access to their email communication can also read the victims emails even if they use additional PGP encryption.

Also sometime sophisticated attackers will perform an attack called eavesdrop on email communications to steal the many people’s confidential information that is shared over email.

In this case, OpenPGP offers end-to-end encryption particularly for sensitive communication and  S/MIME is an alternative standard for email end-to-end encryption to secure the corporate environment from this powerful attacks.

This EFAIL attacks capable of exploiting this vulnerability that has been discovered in OpenPGP and S/MIME which reveal the encrypted Emails in Plain Text.

Here We can see the Affected clients by this EFAIL Attacks on S/MIME clients, PGP clients and Direct exfiltration attacks.

How Does This EFAIL Attacks Works

Initially, Attacker needs to access the encrypted emails that can be achieved by eavesdropping on network Traffic, Email based servers, compromising the Backup system, Email Accounts including the Emails that could have been collected a year ago.

According to Researchers,  “In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs.

Later attackers influence the crafted Emails from various attacks and modifying the Emails that will be sent to Victims.

The Victims Email client will start to decrypt the Email and the Email content will be exfiltrated as a Plain text if the victims configured his Email client to read the External Resources.

Understand the EFAIL Attacks

Attacker sends the modified Encrypted Email as a new multipart email with three body parts to the Victims client.

1. HTML Body  containing an HTML image tag with open  quotes but not closed
2. second body part contains the PGP or S/MIME ciphertext
3. Third is an HTML body closes the src attribute of the first body part

Now Attack will send this Email to a victim then the Victim Email client will Decrypt the second body and stitches the three body parts together in one HTML email.

Here URL spans over all four lines since image tag in line 1 is closed in line 4.

According to researchers, The email client then URL encodes all non-printable characters (e.g., %20 is a whitespace) and requests an image from that URL. As the path of the URL contains the plaintext of the encrypted email, the victim’s email client sends the plaintext to the attacker.

EFAIL Attacks Mitigation

• No decryption in email client – Decrypt S/MIME or PGP emails in a separate application outside of your email client.
• Disable HTML rendering – Since this attack rendering HTML images, styles, Disabling the presentation of incoming HTML emails in your email client
• Patching – Apply the patch that released by the vendor for this EFAIL Attacks vulnerabilities.
• Update – Update OpenPGP and S/MIME standards.

Based on the Researchers analysis 25 of the 35 tested S/MIME email clients and 10 of the 28 tested OpenPGP email clients are affected.

EFail Attacks flaw has been reported already and two official CVE number has been realised.

CVE-2017-17688: OpenPGP CFB gadget attacks
CVE-2017-17689: S/MIME CBC gadget attacks