Researchers say that a widely used method of interrupting has been faced with a serious risk. PGP (Pretty Good Privacy) is a data encryption method which is sometimes added to programs that send and receive email. Despite the preliminary ban, the report of corruption was published in the Sudayesh Zeitung magazine.
Previously, the Electronic Frontier Foundation (EFF) advised their consultants to disable automatically decrypted PGP email tools immediately. Sebastian Schinzel problem was investigated at the Munster University of Applied Sciences.
After the disclosure of the details of the fraud, after the withdrawal of the ban, Mr. Shinzel and colleagues published their research on how PSP email attacks work. A website also publishes news by explaining this issue.
The cyber-security researchers initially had concerns that this problem had affected PGP’s core protocols – that would undermine all the use of encryption methods, including file encryption.
However, the software provider can encrypt data using PGP interpreting a provider specifically providing specific email programs which include the HTML code for the decryption error to fail to properly verify the email link properly.
Of GnuPG Werner Koch said the issue was “overblown” by the EFF. Security expert Mikko Hypponen, F-Secure said. had a burden that theoretically weaknesses used to decrypt the cached encrypted images of the past may be used, if an attacker gets access to such data.
Allan Woodward of Surrey University agreed, adding. “It has some big impact because it can be decrypted and directed to channels to decrypt messages.”
Researchers say that the PGP email users disable HTML in their mail programs so that they are safe from attack depending on the weakness. It is also possible to decrypt e-mails with separate PGP decryption tools from email programs.