German researchers have found a major vulnerability in PGP (Pretty Good Privacy), a popular email encryption program, which could reveal past and present encrypted emails.
Sebastian Schinzel, professor of computer science at Münster University investigated the flaw, tweeting that full details of the vulnerability will be available from 15 May.
He said: "they might reveal the plaintext of encrypted emails, including encrypted emails sent in the past."
We'll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. #efail 1/4
— Sebastian Schinzel (@seecurity) May 14, 2018
Since its release in 1991, PGP has been considered the standard for encrypted messages, holding place as one of the most popular methods of sending private emails.
Although, an obvious tail off came with the adoption of private messaging apps such as Signal or Telegram, offering end-to-end encryption.
The Electronic Frontier Foundation (EFF), a San Francisco-based digital rights group has reviewed the possible flaws and could confirm in a blog post that "these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages."
Details about the vulnerability have been released by the Suddeutsche Zeitung newspaper before its scheduled embargo.
How to protect against PGP flaw?
The advice of the EFF and Schinzel mirror one another: disable any plug-ins using PGP, stop sending and reading PGP-encrypted email and use other channels using end-to-end encryption like Signal for the time being.
The EFF has issued detailed tutorials on how to disable PGP encryption in the major email clients such as Outlook and Apple Mail.
It's believed that the vulnerabilities exist in the email clients themselves, rather than the PGP encryption protocol.
According to encryption software GNU Privacy Guard (GnuPG), the problem comes from email programs that fail to check for decryption errors properly and follow links in emails that included HTML code.
They figured out mail clients which don't properly check for decryption errors and also follow links in HTML mails. So the vulnerability is in the mail clients and not in the protocols. In fact OpenPGP is immune if used correctly while S/MIME has no deployed mitigation.
— GNU Privacy Guard (@gnupg) May 14, 2018
Werner Koch, principle author of GnuPG, described the issue as "overblown" by the EFF in a blog post today. He also noted that he was not contacted about the issue directly.
Right now there is no fix for the flaw, so taking extra precautions and using an alternative secure messaging service is the best temporary way to navigate the situation.