IMDEA Software

Iniciativa IMDEA

Inicio > Eventos > Charlas Invitadas > 2017 > 15 Years of Broken Encrypted Emails... and We're Still Doing It Wrong
Esta página aún no ha sido traducida. A continuación se muestra la página en inglés.

Alfredo Pironti

viernes 3 de marzo de 2017

11:00am Meeting room 302 (Mountain View), level 3

Alfredo Pironti, Researcher, IOActive

15 Years of Broken Encrypted Emails... and We're Still Doing It Wrong

Abstract:

Starting from a research paper of 2001, we show how OpenPGP encryption of emails is fundamentally broken. We show how an attacker can get hold of sensitive email content by tampering with email data that the user would expect to be protected. We apply this attack against PGP-enabled email addresses used to report vulnerabilities to software vendors – and we get more than 50% of the submitted reports. Based on currently available information, we believe that recent End-to-End secure email projects still suffer from these same known issues.