• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OpenPGP Cipher Feedback Mode Chosen-Ciphertext Partial Plaintext Retrieval Vulnerability

OpenPGP is reported prone to a vulnerability that may theoretically allow attackers to retrieve partial plaintexts from encrypted OpenPGP messages.

It is reported that a proof of concept chosen-ciphertext attack method has been developed that exploits a flaw in OpenPGP to retrieve partial plaintexts from OpenPGP messages encrypted with symmetric encryption. Apparently when messages are encrypted with the CFB mode, a design flaw in an integrity check feature can be exploited.

The attack is also limited in the amount of information that can be disclosed from an encrypted message. Apparently, only partial disclosure of a message is possible.

The OpenPGP standard is reported vulnerable to this issue. It is not known whether PGP or GNU Privacy Guard or other implementations are vulnerable. This BID will be updated when more information becomes available.