[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP hole

> 	Yes, this was a deliberate design decision, most probably so the 
> same code could be used to parse --- BEGIN PGP ENCRYPTED MESSAGE --- and 
> --- BEGIN PGP SIGNATURE ---. However, this is a _huge_ security hole, as 
> it allows the nearly-undetectable modification of PGP-signed messages.

It's nowhere near undetectable.  When you ask pgp to check the signature,
pgp writes the signed message to a file (or to stdout), and that output
does not include the {header/junk/extra stuff} between the BEGIN line and
the blank line. 

I don't like this bug/feature, but I don't see it as a serious security
problem for users who are aware of it.  I do think it could be a problem
for users who are not aware of it, and who incorrectly assume that the
"good signature" message means that the {header/junk/extra stuff} was part
of the signed material. 

--apb (Alan Barrett)