Microsoft Email Encryption Vulnerable to Structural LeaksRedmond Uses Protocol NIST Says Is a 'Severe Security Vulnerability'
The protocol used by Microsoft for email encryption has a weakness that can leak information meant to stay secret, warns cybersecurity company WithSecure.
Electronic Code Book encrypts repeated blocks of information with the same ciphertext - meaning that in the supposedly impenetrable gibberish encryption uses to protect information from prying eyes, patterns may emerge.
"You can have the correct cipher, a really secure way of creating the key and so forth, but if you're using ECB, you have this problem," WIthSecure senior consultant Harry Sintonen tells Information Security Media Group. Microsoft includes email encryption as part of its Azure Rights Management offering.
Electronic Code Book's shortcomings aren't a secret. The National Institute of Standards and Technology, the U.S. agency that develops encryption standards for civilian use, characterizes ECB as "a severe security vulnerability." The agency earlier this year proposed limiting its use by the federal government.
Sintonen says he's drawing attention to Microsoft's use of the algorithm because Microsoft-encrypted email could betray its senders under conditions in which an adversary can gather large volumes of messages.
Because ECB encrypts repeated plaintext within a single message with the same characters, an authority able to capture and analyze email flows could infer parts of the encrypted text.
"If you have repeating patterns, these patterns are visible," Sintonen says. The vulnerability requires repetition within the message or consistent repetition among multiple messages. The latter also requires more advanced analysis to spot.
To prove the vulnerability, Sintonen was able to extract a raw image file of the word "fail" printed in black against a background. The extraction was not perfect, but it was clear enough to read the text.
Sintonen says he contacted Microsoft, which did not assign a CVE to the vulnerability. In a written statement, a company spokesperson says encryption "is intended as a tool to prevent accidental misuse and is not a security boundary."
Sintonen speculates that Microsoft continues to use the algorithm, despite its known problems, primarily to support backward compatibility. Once Redmond started using Electronic Code Book, it was difficult to get away from it without causing customers to lose the ability to decrypt old messages. "I think this probably has been some kind of early mistake they just couldn't easily fix," Sintonen says.
A Microsoft insider tells ISMG that's the case, but that the company is examining alternatives to Electronic Code Book for future product updates.