EFAIL: Critical Flaw in PGP Implementations in Email Clients

May 16th, 2018

Via: EFAIL:

The EFAIL attacks exploit vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext of encrypted emails. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs.
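A defender-side check for the active content described in the summary above, as an added example that is not part of the original post or the EFAIL write-up: it lists the elements in an HTML mail body that would cause a network request when the message is rendered. The function names, the attribute list and the sample body are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Attributes a mail client dereferences while rendering (assumed list, not exhaustive).
URL_ATTRS = {"src", "href", "background", "poster"}
CLICK_ONLY = {"a", "area"}  # href on these is followed on click, not on render
CSS_URL = re.compile(r"url\(\s*['\"]?([^'\")\s]+)", re.I)
CSS_IMPORT = re.compile(r"@import\s+['\"]([^'\"]+)", re.I)

def is_remote(url):
    url = url.strip()
    return url.startswith("//") or urlparse(url).scheme.lower() in ("http", "https", "ftp")

class RemoteContentFinder(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings, self._in_style = [], False  # findings: (tag, location, url)

    def handle_starttag(self, tag, attrs):
        self._in_style = (tag == "style")
        for name, value in attrs:
            if name == "style" and value:
                self._scan_css(tag, value)  # inline style="..." attribute
            elif value and name in URL_ATTRS and tag not in CLICK_ONLY and is_remote(value):
                self.findings.append((tag, name, value.strip()))

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        if self._in_style:  # text inside a <style> element
            self._scan_css("style", data)

    def _scan_css(self, tag, css):
        for url in CSS_URL.findall(css) + CSS_IMPORT.findall(css):
            if is_remote(url):
                self.findings.append((tag, "css", url))

def find_remote_loads(html_body):
    finder = RemoteContentFinder()
    finder.feed(html_body)
    finder.close()
    return finder.findings

# Constructed sample body; all hostnames are placeholders.
SAMPLE = ('<style>body{background:url("http://img.example/bg.png")}</style>'
          '<img src="cid:logo"><img src="//img.example/pixel.gif">'
          '<a href="https://intranet.example/r">report</a>')
```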

8 Responses to “EFAIL: Critical Flaw in PGP Implementations in Email Clients”

  1. Dennis says:

    “The emails could even have been collected years ago.”

  2. Kevin says:

    Yes. Even without EFAIL, all PGP-type traffic they have been collecting is not quantum secure. Either that traffic is already available to U.S. Intelligence or will be soon.

    I’ve assumed that they have had a quantum capability for years.

    Also, I wonder if EFAIL is the “Enormous Breakthrough” Bamford mentioned back in 2012:

    https://www.cryptogon.com/?p=28078

    According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US.

  3. Dennis says:

    About a decade ago, I was pretty sure the government did not have the capability of realtime monitoring of global communications en masse, but this story’s a reminder that as the cost of memory plummets and the speed of processing increases, even without full capability, communications can be sorted, prioritised and stored until ripe for the picking.

  4. Dennis says:

    Kevin, if they do have full quantum capability, other than improved surveillance, what do you think that would imply on a grander scale? For example, what influence might that have on weapons development, international currency transactions and cryptos, economics modelling…and AI?

  5. Kevin says:

    I’ve only looked into the implications for some applications that rely on elliptic-curve cryptography, mainly PGP type systems and Bitcoin.

    In addition to the email issue, the implications for Bitcoin are potentially dire.

    This is from the QRL (Quantum Resistant Ledger) whitepaper:

    Public quantum computer development has not passed beyond 2^5 qubits or the factorisation of small numbers (15 or 21). However, in August 2015 the NSA deprecated elliptic curve cryptography ostensibly based upon quantum computing concerns. It is unclear how advanced quantum computing may be presently or that any breakthroughs in this field will be publicised to allow cryptographic protocols in common usage in the internet to be made post-quantum secure. With somewhat anti-establishment origins, bitcoin could find itself the earliest target of an adversary with a quantum computer.

    If a significant quantum computing advance were to occur publicly, node developers could implement quantum-resistant cryptographic signature schemes into bitcoin and encourage all users to move their balances from ECDSA-based addresses to new quantum-safe addresses. To mitigate the proportion of affected addresses it would be reasonable to disable public key recycling at the protocol level. Such a planned upgrade would also result in the possible movement of the 1 million coins belonging to Satoshi Nakamoto – with associated price volatility.

    A less favourable scenario would be a silent non-linear quantum computing advance followed by a nuanced quantum computing attack on bitcoin addresses with exposed public keys. Such thefts could have a devastating effect upon the bitcoin exchange price due to new heavy sell pressure and a complete loss of confidence in the system as the scale of thefts become known. The role of bitcoin as a store of value (‘digital gold’) would be very badly damaged with extreme consequences for the world. In this context the authors believe it is reasonable to experiment with quantum-resistant cryptographic signatures in a cryptocurrency ledger and potentially create a backup value store in the event of a black swan.

    NSA stopped relying on elliptic curve cryptography back in 2015.

    So…

    With half a roll of Reynolds Wrap around one’s skull, it wouldn’t be too surprising to see something like the following scenario unfold:

    At some point, Bitcoin could have a very, very bad day. Someone with a quantum capability could crash Bitcoin after betting on the decline beforehand using the futures. No need to deal with actual Bitcoin during the ensuing chaos. Bitcoin futures settle in cash.

  6. Dennis says:

    Thanks for taking the time on that. Grateful.

  7. Kevin says:

    You’re welcome.

  8. Kevin says:

    IBM warns of instant breaking of encryption by quantum computers: ‘Move your data today’

    https://www.zdnet.com/article/ibm-warns-of-instant-breaking-of-encryption-by-quantum-computers-move-your-data-today/
