A Security Audit of the OpenPGP Format
| Title | A Security Audit of the OpenPGP Format |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Barenghi, A., Mainardi, N., Pelosi, G. |
| Conference Name | 2017 14th International Symposium on Pervasive Systems, Algorithms and Networks 2017 11th International Conference on Frontier of Computer Science and Technology 2017 Third International Symposium of Creative Computing (ISPAN-FCST-ISCC) |
| Keywords | authenticated package distributions, authorisation, computer security, context-free grammars, context-free languages, deterministic context free grammar, deterministic context free language, Electronic mail, email authenticity, email confidentiality, formal specification, GNU Privacy Guard, GnuPG, Grammar, Human Behavior, language theoretical analysis, language-theoretic security, malicious input data, open source Unix systems, OpenPGP, OpenPGP format, OpenPGP format specification, OpenPGP implementations, pattern classification, PGP, Production, Protocols, pubcrawl, public domain software, Public key, Resiliency, Scalability, security audit, Security Audits, security vulnerabilities, Symantec PGP, Unix |
| Abstract | For over two decades the OpenPGP format has provided the mainstay of email confidentiality and authenticity, and is currently being relied upon to provide authenticated package distributions in open source Unix systems. In this work, we provide the first language theoretical analysis of the OpenPGP format, classifying it as a deterministic context free language and establishing that an automatically generated parser can in principle be defined. However, we show that the number of rules required to describe it with a deterministic context free grammar is prohibitively high, and we identify security vulnerabilities in the OpenPGP format specification. We identify possible attacks aimed at tampering with messages and certificates while retaining their syntactical and semantical validity. We evaluate the effectiveness of these attacks against the two OpenPGP implementations covering the overwhelming majority of uses, i.e., the GNU Privacy Guard (GPG) and Symantec PGP. The results of the evaluation show that both implementations turn out not to be vulnerable due to conser- vative choices in dealing with malicious input data. Finally, we provide guidelines to improve the OpenPGP specification |
| URL | https://ieeexplore.ieee.org/document/8121793 |
| DOI | 10.1109/ISPAN-FCST-ISCC.2017.35 |
| Citation Key | barenghi_security_2017 |
- public domain software
- OpenPGP
- OpenPGP format
- OpenPGP format specification
- OpenPGP implementations
- pattern classification
- PGP
- Production
- Protocols
- pubcrawl
- open source Unix systems
- Public key
- Resiliency
- Scalability
- security audit
- Security Audits
- security vulnerabilities
- Symantec PGP
- Unix
- email confidentiality
- authorisation
- computer security
- context-free grammars
- context-free languages
- deterministic context free grammar
- deterministic context free language
- Electronic mail
- email authenticity
- authenticated package distributions
- Formal Specification
- GNU Privacy Guard
- GnuPG
- Grammar
- Human behavior
- language theoretical analysis
- Language-theoretic security
- malicious input data