Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/openpgp: remove support for unauthenticated messages #25388

Open
FiloSottile opened this issue May 14, 2018 · 0 comments
Open

x/crypto/openpgp: remove support for unauthenticated messages #25388

FiloSottile opened this issue May 14, 2018 · 0 comments

Comments

@FiloSottile
Copy link
Contributor

@FiloSottile FiloSottile commented May 14, 2018

Messages without authentication tags (called MDC by OpenPGP) can be modified by an attacker. Malleable plaintexts lead to all sorts of attacks, the latest example being EFail.

The spec is hopelessly broken in therms of downgrade protection, so a message originating with a MDC can be stripped to look like a normal message without MDC. So the only fix is to disable support for MDC-less messages entirely.

Also, MDC were added in 2001, and it's 2018.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants