Open-source bugs undermine digital signatures
Two flaws in open-source cryptography app could allow an attacker to add content to a digitally signed message or forge signatures.
The flaws lie in the open-source GNU Privacy Guard software, also known as GnuPG and GPG, the GnuPG group said in two alerts. The software, a free replacement for the Pretty Good Privacy cryptographic technology, ships with many open-source operating systems such as FreeBSD, OpenBSD and many Linux distributions.
The vulnerabilities could pose a threat to the value of digital signatures, Tavis Ormandy of the Gentoo Linux security team wrote in an e-mail interview on Friday. For example, a miscreant could add information to a security alert sent via e-mail or forge the digital signature on software updates, wrote Ormandy, who discovered both flaws.
This poses a risk to those who use the open-source cryptographic technology to authenticate e-mail communications or digitally sign files and, even more so, to the recipients of those messages and users of the files.
Linux and Unix distributors, for example, often use GPG digital signatures in their security advisories so customers can verify the announcement is authentic, Ormandy wrote. The signatures are also used in some software updates these companies put out to ensure nobody has tampered with data, he said.
"GnuPG is used in all sorts of ways to guarantee the authenticity of files and messages," Ormandy wrote. "Without the help of GPG, you can bet phony advisories with advice to download malicious files would be a daily occurrence."
Systems used to distribute software updates that rely on GPG will likely need fixing. "It is likely that many software update systems--especially on Linux--rely on GPG and will require an update to prevent anyone malicious tampering with software repositories," Ormandy wrote.
Fixes for the flaws are available from the GnuPG team. In addition, those who include the technology in their own products, such as Gentoo and Novell, have been pushing out updates for their products.
The most recent patch was released Thursday. It was discovered that it is possible to insert data into a digitally signed message, which the system would still verify as authentic, according to a GnuPG security advisory.
Ormandy discovered this latest flaw when further researching an earlier bug, for which a patch was released on Feb. 15. That earlier flaw could cause automated signature checkers on file downloads to consider a file safe, while the signature was forged, according to a Novell Suse Linux alert.
There have been no reports of attacks that exploit the vulnerabilities. However, users of the vulnerable software should install security updates soon to ensure they are protected.