Efail - Breaking S-MIME and OpenPGP Email Encryption Using Exfiltration Channels

Efail - Breaking S-MIME and OpenPGP Email Encryption Using Exfiltration Channels

Black Hat via YouTube Direct link

Malleability of CBC/CFB

12 of 21

12 of 21

Malleability of CBC/CFB

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Efail - Breaking S-MIME and OpenPGP Email Encryption Using Exfiltration Channels

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 History of secure email
  3. 3 Two competing standards
  4. 4 Motivation for using end-to-end encryption
  5. 5 Both standards use old crypto
  6. 6 Old crypto has no negative impact
  7. 7 Backchannel techniques
  8. 8 Evaluation of backchannels in email clients
  9. 9 Attacker model
  10. 10 Hybrid encryption
  11. 11 Hybrid malleability of CBC/CFG
  12. 12 Malleability of CBC/CFB
  13. 13 Overview
  14. 14 Practical Attack against S/MIME
  15. 15 OpenPGP - Integrity Protection
  16. 16 RFC4880 on Modification Detection Codes
  17. 17 OpenPGP - Compression (DEFLATE)
  18. 18 Impact on the standards
  19. 19 Direct exfiltration - Demo Time
  20. 20 Conclusions
  21. 21 Black Hat sound bytes

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.