New S/MIME and PGP Vulnerability

email-client based attack disclosed

EFAIL S/MIME Vulnerability

May 14, 2018

News of a potentially serious S/MIME and PGP vulnerability was released today. The proposed attack works by modifying an encrypted email in a very specific way, either while in transit or in the victim’s email account. The victim’s email client then decrypts the message and attempts to load an external link that was modified or injected, for example an HTML image in an email signature. The modification takes part or all of the plaintext message and includes it in the URL of a web request to the attacker’s domain, potentially exfiltrating the plaintext to the attacker. A thorough explanation and the full text of the vulnerabilities are available online at https://efail.de/efail-attack-paper.pdf. The corresponding vulnerability number for the S/MIME issue is CVE-2017-17689.

Does This Affect GlobalCerts’ Solutions?

The short answer is ‘No’. The GlobalCerts SecureMail Gateway (SMG) is a gateway-level encryption and decryption solution. This is also true for our hosted service, Fast&Secure. This means that when S/MIME secured emails are sent between organizations that are using the SMG, the email is decrypted on the SMG server itself when it is received, and then securely relayed via TLS to the recipient’s mail server. The SMG uses TLS whenever possible when transmitting all email, including S/MIME. This additional layer of encryption prevents an attacker from effectively modifying (in transit) either the email header or the S/MIME part to execute this attack.

GlobalCerts also uses ‘triple-wrapping’ to digitally sign, encrypt, and then sign the email again. If the outside signature does not match because the contents have been modified, the server does not decrypt the message. Further, if the MIME structure is modified to inject additional HTML parts before/after the encrypted MIME content, the message is not decrypted.
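The structural rule described above, shown as an added Python example (not GlobalCerts code): a message goes to the decryptor only when its encrypted S/MIME part is the entire body, optionally inside an outer `multipart/signed` wrapper. The function name `check_structure`, the policy details and the sample messages are assumptions made for illustration; verification of the outer signature is assumed to happen separately.

```python
from email import message_from_string

PKCS7_MIME = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
PKCS7_SIG = {"application/pkcs7-signature", "application/x-pkcs7-signature"}

def check_structure(raw):
    """Return (ok, reason): may this message be handed to the S/MIME decryptor?"""
    entity = message_from_string(raw)
    if entity.get_content_type() == "multipart/signed":
        parts = entity.get_payload() if entity.is_multipart() else []
        if len(parts) != 2 or parts[1].get_content_type() not in PKCS7_SIG:
            return False, "malformed multipart/signed wrapper"
        entity = parts[0]  # signed content; verifying the signature is not shown
    if entity.is_multipart():
        # Any container around the encrypted part means other parts were added.
        kinds = [p.get_content_type() for p in entity.walk() if not p.is_multipart()]
        return False, "encrypted part is not alone: " + ", ".join(kinds)
    if entity.get_content_type() not in PKCS7_MIME:
        return False, "no S/MIME encrypted body"
    if str(entity.get_param("smime-type", "")).lower() != "enveloped-data":
        return False, "pkcs7-mime part is not enveloped-data"
    return True, "encrypted part is the whole body"

# Constructed sample messages; the base64 body is a placeholder, not real CMS data.
ENC = ('Content-Type: application/pkcs7-mime; smime-type=enveloped-data\n'
       'Content-Transfer-Encoding: base64\n\nQ09OU1RSVUNURUQ=\n')
SIG = 'Content-Type: application/pkcs7-signature\n\nQ09OU1RSVUNURUQ=\n'
HTML = 'Content-Type: text/html\n\n<p>added part (constructed)</p>\n'

CLEAN = 'MIME-Version: 1.0\n' + ENC
WRAPPED = ('MIME-Version: 1.0\n'
           'Content-Type: multipart/signed; boundary="s1";\n'
           ' protocol="application/pkcs7-signature"\n\n'
           '--s1\n' + ENC + '--s1\n' + SIG + '--s1--\n')
TAMPERED = ('MIME-Version: 1.0\n'
            'Content-Type: multipart/mixed; boundary="b1"\n\n'
            '--b1\n' + HTML + '--b1\n' + ENC + '--b1\n' + HTML + '--b1--\n')

if __name__ == "__main__":
    for name, raw in (("clean", CLEAN), ("wrapped", WRAPPED), ("tampered", TAMPERED)):
        print(name, check_structure(raw))
```
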

Note: If you have set up your SMG to perform S/MIME encryption to 3rd parties that DO decrypt their emails at the mail client level, these messages could be exposed if that 3rd party is using a vulnerable mail client to access these secured emails. The safest and easiest way for them to mitigate this vulnerability will be to disable remote content and HTML email support in the mail client until a patch that addresses it can be installed on their mail clients. Your SMG administrator may also disable S/MIME use with these 3rd parties. For more information or assistance, please contact GlobalCerts at support@globalcerts.net.

Please check back to this post for more information as it becomes available.


Sources:

Poddebniak, Damian et al. Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels. Retrieved from https://efail.de/efail-attack-paper.pdf

CSO, (2018 May 14). EFAIL: Critical PGP and S/MIME bugs could reveal plaintext of encrypted emails. Retrieved from https://www.csoonline.com/article/3272825/security/efail-critical-pgp-and-smime-bugs-could-reveal-plaintext-of-encrypted-emails.html.

Nichols, Shaun, (2018 May 14). S/MIME, PGP, OMG! EFAIL encryption flaw leaves emails vulnerable to secret snooping. Retrieved from https://www.theregister.co.uk/2018/05/14/smime_pgp_encryption_flaw_emails_vulnerable_to_snooping/.

