[Top] [All Lists]

Re: [smime] Message takeover attacks against S/MIME

2016-01-28 22:37:26
Russ Housley <housley(_at_)vigilsec(_dot_)com> writes:

Take a look at this article:

Is there interest in updating the S/MIME specification to use authenticated-

It looks like a pretty contrived attack, you need to be able to truncate a
message, both at the start and end, on a 16-byte boundary to turn a signed
message into a plain, unsigned one, and still have the client accept the
result as a valid message.  They found one client that does that, but that
sounds more like a buggy client than a major problem (none of the others did

In any case the fix should be pretty minimal, if anything is required at all:
If the SMIMECaps in the cert you're encrypting for indicates authEnc, use
that.  My code already does that and possibly other impementations do too.

smime mailing list