Jeff Abrahamson on Thu, 4 Sep 2003 10:51:14 -0400

Re: [PLUG] gpg spoof?

On Thu, Sep 04, 2003 at 10:28:51AM -0400, David Shaw wrote:
> On Thu, Sep 04, 2003 at 08:39:46AM -0400, Jeff Abrahamson wrote:
> > I received an encrypted and signed email which I decrypt and verify by
> > piping through gpg (no options). The output looked like below (the
> > part indented by two spaces).
> > 
> > In mutt, I type "|gpg<return>"
> > 
> > Now, I don't suspect Erin was trying to spoof me, and she had enclosed
> > a semi-random string that I had encrypted to her. So this one case
> > doesn't bother me.
> > 
> > But, in general, how can I distinguish between the end of the
> > encrypted message and the beginning of the "gpg: Signature ..." stuff?
> > Couldn't someone just include such a (forged) signature block at the
> > end of their message, then encrypt the whole thing without signing,
> > and so convince me that the message was signed by someone else?
> 
> This is a known attack against signature systems that display the
> signature status along with the message text.  The mutt mail reader
> had this problem (and resolved it in part by putting the current time
> in the verification message, outside of the GnuPG output).
> 
> In the case of GnuPG, there are several ways to prevent being fooled:
> 
> 1) Note that the signature verification message and the message itself
>    go to two different file descriptors.  The message goes to stdout,
>    but the verification goes to stderr.
> 
> 2) Decrypt to a file (gpg -o decrypted.txt).  The file gets the
>    plaintext and the signature will still show up on the console.  If
>    you see a signature in the file, it's a spoof.
> 
> That said, I'm not opposed to a more rigorous warning... I need to
> think about that a bit more.

Could gpg use the same solution that mutt used: add a line that says,
"Signature verified at `date`"?


 Jeff Abrahamson  <>
 GPG fingerprint: 1A1A BA95 D082 A558 A276  63C6 16BF 8C4C 0D1D AE4B
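As an added example, not part of the thread and not GnuPG's own code: a small POSIX shell script that applies David Shaw's point about keeping the plaintext and the verification report on separate channels, using GnuPG's --status-fd option (a real option, though not mentioned above) for a machine-readable report, and Jeff's idea of stamping the verdict with the local time. Function names and the sample message body are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the thread or GnuPG: keep plaintext and verification
# report on separate channels (David Shaw's point), using GnuPG's real
# --status-fd option for a machine-readable report. Function names are my own.

# count_gpg_lookalikes FILE: count body lines that imitate gpg's console output
# ("gpg: ..."). Real status goes to stderr, so such lines are message content.
count_gpg_lookalikes() {
    grep -c '^gpg: ' "$1" || true
}

# decrypt_separately MESSAGE PLAINTEXT_OUT STATUS_OUT
# Plaintext -> PLAINTEXT_OUT (--output), machine-readable status -> fd 3
# (--status-fd 3), human-readable notes -> stderr. Returns 0 only when gpg
# itself reported a good signature on its own channel.
decrypt_separately() {
    gpg --status-fd 3 --output "$2" --decrypt "$1" 3>"$3" || return 1
    grep -q '^\[GNUPG:\] GOODSIG ' "$3"
}

# render_report PLAINTEXT STATUS
# Verdict first, stamped with the local time as Jeff suggests (the stamp comes
# from this script, not from the message), then the body behind a fixed
# separator, then a warning if the body carries gpg lookalikes.
render_report() {
    if grep -q '^\[GNUPG:\] GOODSIG ' "$2"; then
        echo "== good signature (checked at $(date)) =="
    else
        echo "== NO valid signature (checked at $(date)) =="
    fi
    echo "== plaintext follows =="
    cat "$1"
    n=$(count_gpg_lookalikes "$1")
    if [ "$n" -gt 0 ]; then
        echo "== WARNING: $n body line(s) imitate gpg output; ignore them =="
    fi
}

# Constructed demo: a decrypted body ending in a forged report, plus an empty
# status file standing in for a gpg run that produced no GOODSIG line.
body=$(mktemp); status=$(mktemp)
cat >"$body" <<'EOF'
Here is the string you asked for: 7f3a-2b9c (constructed).
gpg: Signature made Thu Sep  4 08:30:12 2003 EDT using DSA key ID 00000000
gpg: Good signature from "Example Sender <sender@example.org>"
EOF
render_report "$body" "$status"
rm -f "$body" "$status"
```

In a mutt pipe command the same idea applies: send the plaintext to a file with --output and read the verdict from the status descriptor, never from text that arrived inside the message.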

