Send email Copy Email Address

2022-10-18
 

Prof. Dr. Sebastian Schinzel from the University of Applied Sciences Münster

Prof. Dr. Sebastian Schinzel will give a talk on  „Email (in)security: room for improvement or lost cause?“ Tuesday, 18th of October,  10 CEST


„Email remains the most widely used and presumably the most  important digital communication medium on the Internet. But what is the  current state of research regarding the security of emails? In this  talk, I’ll present three research papers covering this topic."

1. The Security of STARTTLS in the email context.
SMTP, IMAP and POP3 are plain text protocols that were designed in the  early 80s. They did not provide authenticity and confidentiality of  emails. Later, in the late 90s, the protocols were extended to support  TLS. For this, STARTTLS commands were introduced to the protocols. The  USENIX Security 2021 paper „Why TLS is better without STARTTLS“ 
uncovered novel vulnerability in the STARTTLS technology.

2. Novel oracle attacks against S/MIME and OpenPGP.
Padding oracle attacks such as Bleichenbacher’s „Million Questions  Attack“ or Vaudenay’s Attack against PKCS#7 padding are well-known and  were used to break encryption protocols such als TLS or XML Encryption.  S/MIME and OpenPGP use similar cryptographic constructions and are — at  least in theory — also vulnerable to these attacks. The attacks were  thought to be not exploitable in the email context because the victim  would need to open encryption attacker mails, decrypt them and manually  communicate the result of the encryption to the attacker. The USENIX  Security study 2023 „Content-Type: multipart/oracle - Tapping into  Format Oracles in Email End-to-End Encryption“ analyzes ways to  practically exploit these vulnerabilities in the email context.

3. Expert usability study of email encryption using OpenPGP.
Multiple research papers in the last 20 years showed that email encryption with OpenPGP is hard to use, especially for laymen without  deep technical knowledge. But are expert users able to use it properly?  For example, are expert users able to detect spoofed emails that try to  mimic valid signatures? In the study „"I don’t know why I check 
this...'' - Investigating Expert Users' Strategies to Detect Email  Signature Spoofing Attacks“ (USENIX SOUPS 2022), we confronted expert  users with emails that may or may not have forged email signatures. The  study uncovered that even expert users struggle to detect spoofed emails with forged digital signatures.

Bio
 „Prof. Dr. Sebastian Schinzel is full professor for IT security  at the University of Applied Sciences Münster and leads the IT security research group. His reasearch topics are applied cryptography, system  security and medical IT security."