OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Ben Setnick (benratbert.org)
Date: Mon Oct 15 2001 - 14:08:43 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Below are both messages once they have been verified. Notice that the
    signature block along with the comment field are not present in the verified
    messages, and your original message appears unaltered.

    *** PGP Signature Status: good
    *** Signer: [Segmen] <dontpanic999yahoo.com> (Invalid)
    *** Signed: 10/15/2001 10:16:15 AM
    *** Verified: 10/15/2001 2:05:53 PM
    *** BEGIN PGP VERIFIED MESSAGE ***

    Hello, meeting cancelled, speak to you soon.

    *** END PGP VERIFIED MESSAGE ***

    I could change this to :

    *** PGP Signature Status: good
    *** Signer: [Segmen] <dontpanic999yahoo.com> (Invalid)
    *** Signed: 10/15/2001 10:16:15 AM
    *** Verified: 10/15/2001 2:05:53 PM
    *** BEGIN PGP VERIFIED MESSAGE ***

    Hello, meeting cancelled, speak to you soon.

    *** END PGP VERIFIED MESSAGE ***

    -----Original Message-----
    From: [Segmen] [mailto:dontpanic999yahoo.com]
    Sent: Monday, October 15, 2001 10:28 AM
    To: vuln-devsecurityfocus.com; bugtraqsecurityfocus.com
    Subject: PGP Signed Messages

    It occurred to me today what a bad idea the Comment Field is in PGP signed
    messages. Altering the Comment filed does not affect the validity of the
    signature, but to the non experienced PGP/GPG user it certainly appears to
    be part of the message.

    Example :

    A generic message I could have got hold of :

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hello, meeting cancelled, speak to you soon.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 7.0.4

    iQA/AwUBO8r9v9nrfc+JfUO6EQLrEACgv6+C07aWgAO+Dna0MHgEDaoDMxEAoJ2P
    7gojqeCRqKqTkbFMkHCToxtq
    =lki3
    -----END PGP SIGNATURE-----

    I could change this to :

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hello, meeting cancelled, speak to you soon.

    -----BEGIN PGP SIGNATURE-----
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Please Send the Confidential Files from the planned meeting to
    My colleague Instead at mehost.com . He will now be dealing with
    this matter.
    Speak to you soon, victim.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 7.0.3

    iQA/AwUBO8r9v9nrfc+JfUO6EQLrEACgv6+C07aWgAO+Dna0MHgEDaoDMxEAoJ2P
    7gojqeCRqKqTkbFMkHCToxtq
    =lki3
    -----END PGP SIGNATURE-----

    well, you get the idea. The signature is still valid.

    Agreed that only the beginner crypto user would fall for this, but if they
    were to read the message and then just use PGP to check the validity, they
    could be tricked into believing that the extra lines were part of the
    verified message.
    Does anybody else think this is quite a bad idea? 

    --
PGP Key ID : 0x897D43BA
SDF Public Access UNIX System - http://sdf.lonestar.org
UKChat - http://www.ukchat.com

    _________________________________________________________
Do You Yahoo!?
Get your free yahoo.com address at http://mail.yahoo.com