OpenPGP keyservers under attack

by Volker Weber

In the last week of June 2019 unknown actors deployed a certificate spamming attack against two high-profile contributors in the OpenPGP community (Robert J. Hansen and Daniel Kahn Gillmor, better known in the community as "rjh" and "dkg"). This attack exploited a defect in the OpenPGP protocol itself in order to "poison" rjh and dkg's OpenPGP certificates. Anyone who attempts to import a poisoned certificate into a vulnerable OpenPGP installation will very likely break their installation in hard-to-debug ways. Poisoned certificates are already on the SKS keyserver network. There is no reason to believe the attacker will stop at just poisoning two certificates. Further, given the ease of the attack and the highly publicized success of the attack, it is prudent to believe other certificates will soon be poisoned.

This attack cannot be mitigated by the SKS keyserver network in any reasonable time period. It is unlikely to be mitigated by the OpenPGP Working Group in any reasonable time period. Future releases of OpenPGP software will likely have some sort of mitigation, but there is no time frame. The best mitigation that can be applied at present is simple: stop retrieving data from the SKS keyserver network.

There is a personal message in there for the person who did this. Go read the whole thing.
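As an added example (not code from this post, from rjh's write-up or from the SKS project), here is a check a practitioner can run over a binary certificate export before importing it: it parses RFC 4880 packet headers and counts the signature packets hanging off each primary key, because the poisoning consists of attaching an enormous number of signatures that the format does not limit. The 1,000-signature threshold and the sample bytes are constructed assumptions, not values from the post.

```python
"""Audit a binary (un-armored) OpenPGP certificate export for signature flooding
before importing it. Parses RFC 4880 packet headers only; added illustration,
not code from rjh, dkg or the SKS project."""
from typing import Iterator, List, Tuple
PUBLIC_KEY, SIGNATURE = 6, 2

def iter_packets(data: bytes) -> Iterator[Tuple[int, int]]:
    """Yield (tag, body_length) for each packet; old and new header formats."""
    i, n = 0, len(data)
    while i < n:
        ctb = data[i]; i += 1
        if not ctb & 0x80:
            raise ValueError(f"not a packet tag octet at offset {i - 1}")
        if ctb & 0x40:                                # new format (RFC 4880 4.2.2)
            tag, o = ctb & 0x3F, data[i]; i += 1
            if o < 192:
                total = o
            elif o < 224:
                total = ((o - 192) << 8) + data[i] + 192; i += 1
            elif o == 255:
                total = int.from_bytes(data[i:i + 4], "big"); i += 4
            else:   # partial body lengths are legal only on data packets (4.2.2.4)
                raise ValueError(f"partial body length on key material at {i - 1}")
        else:                                         # old format (RFC 4880 4.2.1)
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:                            # indeterminate: to end of data
                total = n - i
            else:
                width = (1, 2, 4)[ltype]
                total = int.from_bytes(data[i:i + width], "big"); i += width
        i += total
        yield tag, total

def audit_certificates(data: bytes, max_sigs: int = 1000) -> List[dict]:
    """Split at each primary-key packet and count the signature packets attached
    to it. max_sigs is local policy; the protocol itself imposes no limit."""
    certs = []
    for tag, size in iter_packets(data):
        if tag == PUBLIC_KEY:
            certs.append({"signatures": 0, "body_bytes": 0})
        if certs:
            certs[-1]["body_bytes"] += size
            certs[-1]["signatures"] += tag == SIGNATURE
    for c in certs:
        c["poisoned"] = c["signatures"] > max_sigs
    return certs

# Constructed sample (not a real key): dummy primary key, user ID "alice", then 5,000 dummy 16-byte signature packets.
SPAMMED_SAMPLE = b"\xc6\x0a\x04" + bytes(9) + b"\xcd\x05alice" + (b"\xc2\x10" + bytes(16)) * 5000
```

Run `audit_certificates` on the output of a binary key export (e.g. `gpg --export` without `--armor`) and refuse to import anything flagged `poisoned`.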


Comments

All true, but read what @FiloSottile has to say about this. The OpenPGP keyserver network was a good idea in its time, just like open SMTP relays were in the ’80s.

Running cryptographic infrastructure that can trivially be damaged beyond repair by bad actors, in today’s environment, is about as reasonable as running an open SMTP relay because it’s convenient.

Chris Ferebee, 2019-07-01

If you ever encounter a PGP key that claims to be mine, don't trust it.

Volker Weber, 2019-07-01
