Efail - Breaking S-MIME and OpenPGP Email Encryption Using Exfiltration Channels

Explore a critical security presentation from USENIX Security '18 that unveils novel attacks on OpenPGP and S/MIME email encryption standards. Delve into the concept of malleability gadgets and how they can be exploited to reveal encrypted email content. Learn about CBC/CFB gadgets and their role in injecting malicious plaintext into encrypted emails, as well as the use of HTML, CSS, and X.509 functionality in these attacks. Understand the implications of these vulnerabilities, which affect emails collected in the past and can be triggered upon decryption. Examine the impact on various email clients, with 23 out of 35 S/MIME and 10 out of 28 OpenPGP clients found vulnerable. Gain insights into the need for updating encryption standards and addressing implementation flaws in email clients to enhance security.

Intro
Motivation for email encryption
Security of email encryption
Backchannel techniques
Malleability of CBC
Attacking S/MIME
Attacking OpenPGP
Impact on the standards
Conclusions