Re: PGP Signed Messages

From: Kurt Seifried (bugtraqat_private)
Date: Mon Oct 15 2001 - 14:32:31 PDT


    Yes and no. When you verify the message a box comes up, with the following
    (for example):
    
    ==================
    *** PGP Signature Status: good
    *** Signer: Kurt M. Seifried  <seifriedat_private>
    *** Signed: 10/15/01 3:25:13 PM
    *** Verified: 10/15/01 3:27:21 PM
    *** BEGIN PGP VERIFIED MESSAGE ***
    
    test testijng. 1 2 3.
    
    Kurt
    
    *** END PGP VERIFIED MESSAGE ***
    ==================
    
    the rest is ignored (i.e. the stuff I stuck in after -----BEGIN PGP
    SIGNATURE-----). If people don't bother to check the signature (very very
    very common!) then it doesn't matter much. I used to sign all my email with
    PGP for a while, then started forging them and no-one complained. Hell, I've
    seen security alerts with totally messed up MD5 sums/signatures/etc/etc and
    after notifying the appropriate people typically gotten a "yeah we made a
    mistake, but only 3 people noticed". One reason for X.509 instead of PGP for
    email, clients automatically check stuff and display a nasty warning (in
    outlook anyways) if it isn't signed right, has been modified/etc. Also
    another reason why you should ENCRYPT sensitive data as well as sign it.
    
    BTW PGP key ID's can easily be faked, you can make arbitrary keys with any
    PGP key ID you want. Don't forget to include the fingerprint (at least then
    it's only mostly useless as opposed to completely useless).
    
    Kurt Seifried, kurtat_private
    A15B BEE5 B391 B9AD B0EF
    AEB0 AD63 0B4E AD56 E574
    http://www.seifried.org/security/
    
    
    
    ----- Original Message -----
    From: "[Segmen]" <dontpanic999at_private>
    To: <vuln-devat_private>; <bugtraqat_private>
    Sent: Monday, October 15, 2001 9:27 AM
    Subject: PGP Signed Messages
    
    
    > It occurred to me today what a bad idea the Comment Field is in PGP signed
    > messages. Altering the Comment field does not affect the validity of the
    > signature, but to the non experienced PGP/GPG user it certainly appears to
    > be part of the message.
    >
    > Well, you get the idea. The signature is still valid.
    >
    > Agreed that only the beginner crypto user would fall for this, but if they
    > were to read the message and then just use PGP to check the validity, they
    > could be tricked into believing that the extra lines were part of the
    > verified message.
    > Does anybody else think this is quite a bad idea?
    >
    >
    > --
    > PGP Key ID : 0x897D43BA
    > SDF Public Access UNIX System - http://sdf.lonestar.org
    > UKChat - http://www.ukchat.com
    



    This archive was generated by hypermail 2b30 : Mon Oct 15 2001 - 16:59:32 PDT