PGP isn't broken and you don't need to disable it, says inventor
Phil Zimmermann and ProtonMail criticise EFF's advice that users delete PGP to deal with EFAIL

ProtonMail and the inventor of Pretty Good Privacy (PGP) have released a strong statement dispelling recent reports that the encryption program should be disabled because of alleged vulnerabilities.
The developers of the email encryption program, including its creator Phil Zimmermann, have come together to set the record straight, taking aim at the Electronic Frontier Foundation (EFF) for promoting advice that users disable PGP to deal with the EFAIL issue.
"EFF recommended that users disable PGP plugins or stop using PGP altogether. This is akin to saying, 'Some locks can be broken; therefore we must remove all doors.' This is particularly dangerous because it can put at risk individuals who rely on PGP encryption for security," Andy Yen of ProtonMail, PGP inventor Phil Zimmermann, Enigmail founder Patrick Brunschwig and Thomas Oberndörfer, founder of Mailvelope, said in a joint statement.
The EFF promoted a research paper earlier this month from Professor Sebastian Schinzel of Germany's FH Münster University of Applied Sciences, which claimed PGP and S/MIME email encryption had critical vulnerabilities.
The professor initially tweeted about the EFAIL issue, which he found exposes encrypted emails in plaintext, before alerting the EFF about the problem.
"Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email," an EFF spokesperson advised at the time.
However, Zimmermann and his co-signatories said yesterday that such advice is misleading and potentially dangerous, as the EFAIL vulnerabilities are not flaws in the OpenPGP protocol itself but errors in particular implementations of it.
As an open standard, PGP can be implemented by anyone, which can lead to security weaknesses in individual implementations, Zimmermann and the others said, adding that this does not mean that PGP itself is broken.
"Both our recommendations and EFF's require user action on the part of the sender and recipient of messages, but our recommendation provides better security," they stated. "If you receive PGP email, following our recommendations protects you from EFAIL, while still allowing you to easily decrypt PGP messages."
Their recommendation for dealing with the EFAIL vulnerability is for users to update their PGP software to the latest version and, before sending any sensitive information, to make sure the person at the other end of the conversation is also using an unaffected implementation or has updated their PGP software.
Among the most commonly used software based on PGP, only Enigmail and GPGTools were vulnerable, and ProtonMail said the issues are easy to mitigate by upgrading Enigmail to version 2.0.5 and using only the simple HTML or plaintext viewing modes in Thunderbird.
If you use GPGTools, it is advised you disable loading remote content.
14/05/2018: EFAIL: PGP has a huge security flaw
A professor of computer science has warned users of Pretty Good Privacy (PGP) that the encryption program has vulnerabilities and should be immediately disabled.
The critical vulnerability, dubbed EFAIL by Professor Sebastian Schinzel of Germany's FH Münster University of Applied Sciences, exposes encrypted emails in plaintext, even for messages sent in the past.
Professor Schinzel posted on Twitter that the university would publish its findings in the early hours of Tuesday morning, before alerting the Electronic Frontier Foundation (EFF), which first reported the vulnerability. However, the embargo was broken by German news outlet Süddeutsche Zeitung, which posted the findings in the early hours of Monday.
"Our advice, which mirrors that of the researchers, is to immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email," an EFF spokesperson advised.
"Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email."
EFAIL works by targeting the 'active content' of HTML emails - namely remotely loaded images or styles - to exfiltrate plaintext through the URLs the mail client requests. It's not that simple, though - before doing that, an attacker must first obtain the encrypted emails they want by spying on network traffic and then compromising email accounts, servers, backup systems or client computers.
"The attacker changes an encrypted email in a particular way and sends this changed encrypted email to the victim," the EFF's spokesperson explained. "The victim's email client decrypts the email and loads any external content, thus exfiltrating the plaintext to the attacker."
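As an added example (not code from the article or from any of the PGP projects it names), the following Python check shows the mitigation side of what the EFF describes: before a client renders a decrypted HTML part, it scans for the image and style references that would trigger an outbound request, so the client can refuse to load remote content and fall back to plaintext viewing. The sample message and the host example.invalid are constructed.

```python
import re
from html.parser import HTMLParser

# Constructed sample: the HTML part of a message as a client sees it after decryption
# (example.invalid is a placeholder host, not a real indicator).
SAMPLE_HTML = (
    '<html><body><p>Meeting moved to 10:00.</p>'
    '<img src="http://example.invalid/track.png" alt="">'
    '<link rel="stylesheet" href="https://example.invalid/style.css">'
    '<style>body { background: url("http://example.invalid/bg.png"); }</style>'
    '<img src="cid:inline-logo">'  # inline attachment: no network fetch
    '</body></html>'
)

# Absolute http(s) or protocol-relative URLs, and CSS url(...) references pointing at
# them, cause an outbound request as soon as the client renders the message.
REMOTE_URL = re.compile(r'^\s*(?:https?:)?//', re.I)
CSS_REMOTE_URL = re.compile(r'url\(\s*[\'"]?\s*(?:https?:)?//', re.I)
AUTO_FETCH_ATTRS = {'src', 'background', 'poster'}  # fetched without a user click

class RemoteLoaderFinder(HTMLParser):
    # Collects every (tag, attribute, value) that would trigger a remote fetch on render.
    def __init__(self):
        super().__init__()
        self.loaders = []
        self._in_style = False

    def handle_starttag(self, tag, attrs):
        if tag == 'style':
            self._in_style = True
        for name, value in attrs:
            fetches = name in AUTO_FETCH_ATTRS or (tag == 'link' and name == 'href')
            if value and fetches and REMOTE_URL.match(value):
                self.loaders.append((tag, name, value))
            elif value and name == 'style' and CSS_REMOTE_URL.search(value):
                self.loaders.append((tag, name, value))

    def handle_endtag(self, tag):
        if tag == 'style':
            self._in_style = False

    def handle_data(self, data):
        # HTMLParser hands the raw contents of <style> blocks to handle_data.
        if self._in_style and CSS_REMOTE_URL.search(data):
            self.loaders.append(('style', 'css', data.strip()))

def find_remote_loaders(html):
    parser = RemoteLoaderFinder()
    parser.feed(html)
    parser.close()
    return parser.loaders
```

A client policy built on this is simple: if `find_remote_loaders` returns anything, render the message as plaintext (or with remote content blocked) instead of as full HTML, which is the setting the article recommends for Thunderbird and GPGTools users.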
Pretty Good Privacy (PGP) was generally considered the gold standard for email security, encrypting message content so that it is unreadable if it's ever intercepted. PGP was created by computer scientist Phil Zimmermann in 1991 and bought by Symantec in 2010, but the EFAIL issues relate to the open PGP standard.
Morten Brøgger, CEO of Wire, a B2B end-to-end encryption firm, said: "Today's announcement from the EFF highlights the danger in relying on email for sensitive communication. Email protocol was never built with security in mind. Efforts to make email safer haven't seen widespread adoption because these solutions are 'hacks' on top of legacy infrastructure, causing an error prone and clunky user experience.
It's clear that companies must invest to secure their internal and external communications. This investment in time and money must go into new future-proofed platforms that are built from the ground-up with security in mind. In 2018, businesses must re-evaluate how they communicate, opting to phase out email for secure communications solutions that are open-source, independently audited and end-to-end encrypted."