Site hosted by Angelfire.com: Build your free website today!

vulnerability in the pgp viewer



The way that the pgp viewer is implemented, allows for a composite forgery of a signed and encrypted pgp message to appear , when viewed using the 'current window'/'decrypt and verify' option in pgp 7.xx and 6.xx

It also allows for forged additions to be placed at the end of a pgp encrypted message [on the line immediately following the footer] and appear in the pgp viewer as if it were part of the pgp message.



the first example of this is in a pgp message on one of my webpages.

before being able to view it, you will need the private pgp key
that it is encrypted to, 'test@key.test' and the passphrase:

the key pair 'test@key.test' is here below:


-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: 6.5.8ckt build 5
Comment: Acts of Kindness better the World, and protect the Soul

lQOgAzroPPgAAAEIANnTx/gHfag7qRMG6cVUnYZJjLcsdF6JSaVs+PUDCZ8l2+Z2
V9tgxByp26bymIlq5qFFeoA5vCiKc8qzYiEVLJVVIIDjw/id2gq/TgmxoLAwiDQM
TUKdCFa6pmR/uaxyrnJxfUA7+Qh0R0OjoCxNlrmyO3eiKstsJGqSUFIQq7GhcHc4
nbV59zHhEWnH7DX7sDa9CgF11WxM3sjWp15iOoP1nixhmchDtQ7foUxLsCF36G/4
ijcbN2NjiCDYMFburN8fXgrQzYHAIIiVFE0J+fbXNfPRmnbhQdaC8rIdiQ3tExBb
N0qWhGPT9M4JOZd1yPdFMb9gbntd8VZkiPd6/3sABREDXB5zk3GNdSkH/+/447Kq
hR9uM+UnZz7wDkzmt+7xbNg9F2pr/tghVCM7D0PO1YjH4DBpU1ZRO+v1t/eBB/Jd
3lJYdlWYHOefJkBi44gNAafZ8ysPOJk6OGOjas/sr+JRFiX9Mgzrs2IDiejmuA98
DLuSuNtzFKbE2/DDdOBEizYUjqPLlCdn5sVEt+0WKWJiAv7YonCGguWS3RKfTaYk
9IE9SbI+qph9JsuyTD22GLv+gTMvwCkC1DVaHIVgzURpdnlyYyz4DBh3pAgg0nh6
gpUTsjnUmrvdh+r8qj3oXH7WBMhs6qKYvU1Go5iV3S1Cu4H/Z/+s6XUFgQShevVe
VCy0QtmWSFeySekEACHLJIdBDa8K4dcM2wvccz587D4PtKvMG5j71raOcgVY+r1k
e6au/fa0ACqLNvn6+vFHG+Rurn8RSKV31YmTpx7J5ixTOsB+wVcwTYbrw8uNlBWc
+IkqPwHrtdK95GIYQykfPW95PRudsOBdxwQW4Ax/WCst3fbjo0SZww0Os+3WBADJ
/Nv0mjikXRmqJIzfuI2yxxX4Wm6vqXJkPF7LGtSMB3VEJ3qPsysoai5TYboxA8C1
4rQjIoQjA+87gxZ44PUVxrxBonITCLXJ3GsvDQ2PNhS6WQ9Cf89vtYW1vLW65Nex
+7AuVRepKhx6Heqdf7S03m6UYliIglrEzgEWM1XrOwP/gLMsme4h0LjLgKfd0LBk
qSMdu21VSl60TMTjxav149AdutzuCVa/yPBM/zLQdlvQoGYg2IbN4+7gDHKURcSx
DgOAzCcEZxdMvRk2kaOI5RRf5gV9e+ErvEMzJ/xT8xWsi+aLOhaDMbwq2LLiK2L+
tXV/Z3H/Ot4u3E7H+6fHPElFYbQUdGVzdCA8dGVzdEBrZXkudGVzdD4=
=Exp/
-----END PGP PRIVATE KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 6.5.8ckt build 5
Comment: Acts of Kindness better the World, and protect the Soul

mQENAzroPPgAAAEIANnTx/gHfag7qRMG6cVUnYZJjLcsdF6JSaVs+PUDCZ8l2+Z2
V9tgxByp26bymIlq5qFFeoA5vCiKc8qzYiEVLJVVIIDjw/id2gq/TgmxoLAwiDQM
TUKdCFa6pmR/uaxyrnJxfUA7+Qh0R0OjoCxNlrmyO3eiKstsJGqSUFIQq7GhcHc4
nbV59zHhEWnH7DX7sDa9CgF11WxM3sjWp15iOoP1nixhmchDtQ7foUxLsCF36G/4
ijcbN2NjiCDYMFburN8fXgrQzYHAIIiVFE0J+fbXNfPRmnbhQdaC8rIdiQ3tExBb
N0qWhGPT9M4JOZd1yPdFMb9gbntd8VZkiPd6/3sABRG0FHRlc3QgPHRlc3RAa2V5
LnRlc3Q+iQEVAwUQOug8+PFWZIj3ev97AQH7NQgAo3sH+KcsPtAbyp5U02J9h3Ro
aiKpAYxg3rfUVo/RH6hmCWT/AlPHLPZZC/tKiPkuIm2V3Xqyum530N0sBYxNzgNp
us8mK9QurYj2omKzf1ltN+uNHR8vjB8s7jEd/CDCARu81PqNoVq2b9JRFGpGbAde
7kQ/a0r2/IsJ8fz0iSpCH0geoHt3sBk9MyEem4uG0e2NzlH2wBz4H8l8BNHRHBq0
6tGH4h11ZhH3FiNzJWibT2AvzLCqar2qK+6pohKSvIp8zEP7Y/iQzCvkuOfHsUOH
4Utgg85k09hRDZ3pRRL/4R+Z+/1uXb+n6yKbOmpmi7U7wc9IwZxtTlGXsNIf+Q==
=7h3m
-----END PGP PUBLIC KEY BLOCK-----


the passphrase is: test@key.test
{exactly the same as the key name, including the @, and the . between key and test}


{ N.B.   Before clicking on any links on this page, please read the important pgp signed notice at the end of this page's text. Thanks }

 the webpage is here: composite forgery of pgp signed and encrypted message

{for those using pgp 8, the example is here:}
composite forgery of pgp signed and encrypted message / for the modified signature verification block in pgp 8



the second example is here:
forged additions to an encrypted, but unsigned, pgp message


the forgery is not limited to documents in html, but can also be done in pdf and word and word perfect formats, with the added advantage that the 'additions' do *not* become visible when the pgp message is highlighted for decryption, but appear as only a 'tiny' blank highlighted line fragment that is easily overlooked.
the disadvantage is that the verification time is static, and 'off'
{n.b. the 'additions' are not visible at all in the Opera , or Star Office browsers,
there is just empty extra space highlighted}

it can be done by simply adding the 'forged additions' in the word processor, changing them to 1 point type, and formatting the font color to white, and the background to white.

as most people expect to see word, word perfect or pdf documents in a white background, they may not suspect this.
furthermore, at 1 point type, no text will be visible when pgp highlights the message to decrypt it, and it may go
un-noticed.
then, if one does not make it a habit to look at the verification time and date, one can be deceived. { n.b. Adobe pdf needs 2 point type rather than 1 point }

In the second example, there is no verification time, so there is a much greater vulnerability to those who accept encrypted but unsigned pgp messages in html, Word, or Word Perfect.

{also, if one routinely uses the 'view/spaces' option in the word processor, a dot is present and visible between each word in word and word perfect, in the 'additions', but still remains invisible in the pdf rendered from these documents, }

here are examples of the signed and encrypted composites, but with a 'static' verification time:
an example in 'word' is here: 703wpef1.doc
and an example in pdf form is here: 7xwpef2.pdf
note that in the 'word' example, there is a 'tiny' tell-tale blinking cursor at the beginning, in front of the 'blank' additions.
this is not present in the .pdf example

here is an example of an addition only at the end of the file: ea1.doc
note that this time, there is no tell-tale cursor at the beginning, and no verification time to alert the receiver to the forgery

here is what the pgp viewer looks like with the *fix* options enabled in pgp 6.5.8, build 6:




as can be seen, no 'additions' will be visible,
and any verification lines, and BOF and EOF lines,
will be custom verified for each user.

the 'vnv' is my own customization of the verification block,
but it can be changed
according to the individual preferences of the user,
as well as having the option for a time and date preface
for each line of the verification block, and BOF, and EOF lines.


here is what the build 6 options panel looks like:






it is my hope, that new pgp users, who still like the customizable stationery of e-mail with html, are alerted to this type of vulnerability, in html e-mail, attachments of pgp messages in the form of PDF, or Word, or Word Perfect documents, and pgp messages on webpages.

the ones most vulnerable, are those who set their e-mail client for 'automatic decryption' and allow their decrypting passphrases to be cached in PGP.

until one is using a version of pgp where this is not a problem, it would be advisable to check for any 'additions' before decrypting.
this can be done by using the 'current window' to decrypt, but clicking 'cancel' when the pgp window opens and asks for the passphrase.
then open 'notepad', and click on 'paste', and the exact contents of the 'current window' additions and all, will be pasted into notepad.

n.b. this is not limited to pgp messages, but is a useful way to utilize the pgp viewer to see if anything is 'hidden' in documents, or test on webpages.


hope this has been helpful and interesting,
my apologies to those sophisticated and experienced users who would not be fooled by such a forgery

for any comments, suggestions, flames, etc.

my preferred e-mail address is here: vedaal at nym dot hush dot com
please use the above e-mail address, there is simply more space and better security and spam protection at this hushmail address

thanks,

vedaal





-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

N.B.

it has come to my attention that there are ads for pgp related products 
on my pages.

any ads on my pages are done *without* my consent or awareness.

i set my pages up taking care to avoid any ads *at all* on the page itself,
and chose the option of having separate pop-ups instead, which the reader
can close at will

the presence of 'embedded' ads for pgp related products, is something 'new'
which
i have seen today for the first time.
(ordinarily i use the opera browser which does not show the embedded ads,
but happened to check my page today using a netscape browser)

the *only* 'commercial' pgp products that i have tried and recommend are:

[1]PGP 8.x (currently distributed by the PGP Corporation)
[2]PGP 6.5.8 commandline (currently distributed by NAI)
[3]Hushmail, and Hushmail products/services

i have purchased my own copy of PGP Personal edition,
and encourage any/all who can afford it, to purchase a copy,
and support the PGP Corporation,
and its generosity in providing free editions for personal use.

with Thanks, Appreciation, and Respect,
to the current and previous PGP owners, 

vedaal

Sept.2, 2003

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt http://www.ipgpp.com/
Comment: Acts of Kindness better the World, and protect the Soul
Comment: KeyID: 0x6A05A0B785306D25
Comment: Fingerprint: 96A6 5F71 1C43 8423  D9AE 02FD A711 97BA

iQEVAwUBP1ZhBGoFoLeFMG0lAQNfFgf/TCJGex5xEKFFPcDr/OC5Xr7qWMTWj8Mn
/UfClehAwacb8yPc0zgzuiiDC1Bc/X2FmWSoC66uVOokuY7PLxszNbEYgztP4WiY
U2mwsLtlDG+a21xx3BsowXQVHJ8F4V93KiBGqouS1RsSWpyoERQnhODIp82BNi+Y
m/oUby29uJkk4S6eljKDQuXgH2Lhr8KELvnKTfncMRVfmOJg+oZcMHmWy9sNN6k/
FpH8YK90ZDfshDzfMH6dKkFzFrtKPT+mxrsCFb5XS8HzcDQAoR1pBEZfrSW9L1uJ
mVHB6BUg+ratqqn0qBflqR6DWL90jI9ENQhKaH7SuY2m8wVQ864IOg==
=Cr5p
-----END PGP SIGNATURE-----



View My Guestbook
Sign My Guestbook



get this gear!



pgp, steganography, and crypto links

Tom McCune's PGP faq page {*First* place for beginners}
International PGP homepage {not affiliated with NAI}
Disastry's updated, enhanced version of 2.6.3i
PGP Corporation // current PGP owners/developers
Phil Zimmermann's homepage
GnuPG homepage
Diceware PGP passphrase guidance page
Sam Simpson's PGP faq page
excellent steganography software collection
excellent steganography page, with documentation, and links
demonstration of steganography vulnerability
The Flamel - Davinci Clairvoyancy Algorithm // (spoof)
pass-strings ~ a Diceware method for single character strings {as opposed to words} for passphrases
a compilation of pgp oddities
a true-type *invisible* font (win 9x) ;^)
a true-type *invisible* font (win 2k / xp) (this one is better 8^) )
TrueCrypt (excellent open source free encrypted container program)
Eraser (excellent 'erasing' program)
Torduninja's (preserved//updated) Crypto Page
**********************************************************
my open-pgp e-mail keys

cryptography quotes

Sam Simpson's excellent crypto quotes collection
fictitious quotes by famous fictional characters

Disastry's last version, PGP-2.6.3ia multi06

re-creation of Disastry's PGP site // PGP-2.6.3ia-multi-06 with sourcecode
*************************************
download zip file directly from my site