
Re: Only accepting e-mail from known parties



Jonathan Blake <[email protected]> writes:
> On Mon, 25 Dec 1995, Dr. Dimitri Vulis wrote:
>
> > As I keep pointing out, pgp-signing the body is not enough.
>
> 	You're wrong.

I'll be delighted if someone convinces me that I'm wrong about this.
I may even start using PGP signatures. :)

> 	You can set up Procmail to detect if something is signed
> 	with PGP, and if it is, to run a script which determines
> 	the authenticity of the signature.  If the signature is
> 	not authentic, the message goes to /dev/null.  That way,
> 	even if Carol is using intercepted messages from Bob, Carol's
> 	messages won't be accepted or seen.

Carol needn't put her real name in the "From:" line.  Much of the unsolicited
commercial junk e-mail comes from bogus addresses.

I said, Carol can *forge* the RFC 822 header, so her e-mails look like they
came from Bob, and use the body from Bob's authentic PGP-signed message.

For example, Bob may have once sent Carol an e-mail that looked like this:

-----------------------------------------------------------------------
From: Bob
To: Carol
Date: 25 Dec 1965
Subject: Carol, we're history
Message-ID: <111@bob>

----BEGIN PGP SIGNED MESSAGE----

I no longer wish to go out with you. Merry Christmas!

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

"Ask not what your country can do to you, but what you can do to your country"

-----------------------------------------------------------------------

Carol can *easily* forge an e-mail to Alice that looks like this:

-----------------------------------------------------------------------
From: Bob
To: Alice
Date: 25 Dec 1995
Subject: Alice, we're history
Message-ID: <222@bob>

----BEGIN PGP SIGNED MESSAGE----

I no longer wish to go out with you. Merry Christmas!

----BEGIN PGP SIGNATURE----
Version 2.6.2

12341234...

----END PGP SIGNATURE----

"Sex with Carol was the greatest sex I've ever had"

-----------------------------------------------------------------------

The e-mail is sent by Carol, but the RFC 822 header says "From: Bob".
If you think this is hard to accomplish, take a look, e.g., at the source
code of Lance Cottrell's mixmaster and see how it talks to sendmail.

The PGP-signed portion is copied verbatim from an authentic message.

Alice _may_ notice that the _Received:_ headers are weird, but this
forgery will certainly pass through a script that checks signatures.
E.g., this trick could be used to mailbomb someone with many copies
of the same authentic e-mail.

That's because PGP only signed a portion of the body, not the important
headers like "Date:", "To:", "Subject:", and "Newsgroups:", nor the .sig.

Happy holidays,

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
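
The filtering gap described in the message above, from the receiving side, as an added example that is not part of the original post: it takes a message whose PGP signature has already verified and still refuses it when the signed block has been seen before or when the outer headers are not repeated inside the signed text. The names `triage`, `make` and `BOUND`, and the convention of repeating headers inside the signed text, are assumptions made for this sketch.

```python
import hashlib
import re
from email import message_from_string

# Matches one clearsigned block. The dash count is loose because the samples
# above are written with four dashes where PGP itself writes five.
BLOCK = re.compile(
    r"-{4,}BEGIN PGP SIGNED MESSAGE-{4,}\n(.*?)\n-{4,}BEGIN PGP SIGNATURE-{4,}"
    r".*?-{4,}END PGP SIGNATURE-{4,}", re.S)
BOUND = ("To", "Date", "Subject")  # headers the signed text must repeat (assumed convention)

def triage(raw, seen):
    """Classify a message whose PGP signature has ALREADY verified.

    seen is a set of SHA-256 digests of signed blocks delivered earlier.
    """
    msg = message_from_string(raw)
    m = BLOCK.search(msg.get_payload())
    if m is None:
        return "unsigned"
    digest = hashlib.sha256(m.group(0).encode()).hexdigest()
    if digest in seen:
        return "replayed signed block"  # same authentic block, delivered again
    seen.add(digest)
    # RFC 822 headers sit outside the signature, so only copies of them
    # inside the signed text carry the signer's authority.
    inner = dict(re.findall(r"^(\w+): (.*)$", m.group(1), re.M))
    for name in BOUND:
        if name not in inner:
            return "headers not covered by signature"
        if inner[name].strip() != (msg[name] or "").strip():
            return "header mismatch: " + name
    return "accept"

def make(to, date, subject, msgid, signed_text):
    # Constructed sample in the layout of the messages above; signature bytes are dummy.
    return (f"From: Bob\nTo: {to}\nDate: {date}\nSubject: {subject}\n"
            f"Message-ID: {msgid}\n\n-----BEGIN PGP SIGNED MESSAGE-----\n\n"
            f"{signed_text}\n\n-----BEGIN PGP SIGNATURE-----\nVersion 2.6.2\n\n"
            f"12341234...\n\n-----END PGP SIGNATURE-----\n")

if __name__ == "__main__":
    bound = "To: Carol\nDate: 25 Dec 1995\nSubject: we're history\n\nMerry Christmas!"
    seen = set()
    print(triage(make("Carol", "25 Dec 1995", "we're history", "<1@bob>", bound), seen))
    print(triage(make("Alice", "25 Dec 1995", "we're history", "<2@bob>", bound), seen))
    print(triage(make("Alice", "25 Dec 1995", "we're history", "<3@bob>", bound), set()))
```

A message signed the way Bob's sample is, with no header copies inside the signed text, is classified as "headers not covered by signature" rather than accepted.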