Feature request (or just discussion about) for gnupg
I have posted a document:
A Solution for Sending Messages Safely from EFAIL-safe Senders to EFAIL-unsafe Receivers
at https://github.com/craigphicks/efail-safe-send-to-insec-recv/wiki
It's a very simple proposal. The plaintext of every encrypted block is prefaced by an obfuscation string part which prevents the message string part coming after it from being part of the EFAIL attribute. The EFAIL can attack each block separately, but it can't divide and conquer a block itself.
The obfuscation string needs to contain a double quote ("), a single quote ('), and a space ( ). You can immediately see how it works by looking at this HTML sandbox:
https://try.jsoup.org/%7E_nyXks5PuAs-zJeek8CVhpuAvtI
where you can play around with the choices the EFAIL attacker has and the opportunities to defend against it.
It depicts a typical 16-byte string to be encoded in a single block, but it is safely prefaced by an obfuscation string.
Did I mention it has to be uncompressed? Because compression ruins the boundary alignment.
More technical details are in the document.
I have tried to offer a whole system cost/benefit analysis at the end. It might not be worth it, but on the other hand it should be considered.
If it were to be implemented it would have to be implemented in the GnuPG module. That is because aligning the obfuscation string with the encryption block boundary requires close coordination. Too easy to make a mistake otherwise.
I am posting this as a feature request because that is what it would be if added to GnuPG.
Long live the Gname of GnuPG.
Craig P Hicks
craig ~at~ pindertek c o m
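
The following is an added example, not part of the original post or the linked document. It models only the HTML tokenizer rule the proposal relies on (where an attribute value left open before the plaintext ends), not the encryption or block alignment. The three-character prefix, the function names and the sample message are assumptions constructed for illustration.

```python
# Added example: models where an HTML attribute value ends, following the
# HTML tokenizer's three attribute-value states. All names are hypothetical.

OBFUSCATION = "\"' "  # assumed minimal prefix: double quote, single quote, space

# Characters that terminate an attribute value in each quoting context.
TERMINATORS = {
    "double": '"',
    "single": "'",
    "unquoted": " \t\n\f\r>",
}


def absorbed(context, plaintext):
    """Return the leading part of `plaintext` that would become part of an
    attribute value left open (in `context` quoting) just before it."""
    for i, ch in enumerate(plaintext):
        if ch in TERMINATORS[context]:
            return plaintext[:i]
    return plaintext  # no terminator found: the whole text is absorbed


def leaked_message(context, prefix, message):
    """Message characters that end up inside the attribute value."""
    taken = absorbed(context, prefix + message)
    return taken[len(prefix):] if len(taken) > len(prefix) else ""


def report(prefix, message):
    """Leak per quoting context for one prefix + message plaintext."""
    return {ctx: leaked_message(ctx, prefix, message) for ctx in TERMINATORS}


# Constructed sample: a 16-byte message part with no quotes or whitespace,
# i.e. the case in which nothing in the message itself ends the attribute.
SAMPLE = "PIN=4711;ok=true"

if __name__ == "__main__":
    print("no prefix  :", report("", SAMPLE))
    print("with prefix:", report(OBFUSCATION, SAMPLE))
    # A prefix missing one of the three characters leaves one context open.
    print("no space   :", report("\"'", SAMPLE))
```

With the full prefix, every quoting context ends inside the prefix; dropping the space leaves the unquoted context open, which is why all three characters are required.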