Mixed messages...
By Joris Evers
Published: 13 March 2006 08:25 GMT
A pair of security bugs in cryptography software could allow an attacker to insert content into a digitally signed message or forge signatures on files.
The flaws lie in the open-source GNU Privacy Guard software, also known as GnuPG and GPG, the GnuPG group said in two alerts. The software, a free replacement for the Pretty Good Privacy (PGP) cryptographic technology, ships with FreeBSD, OpenBSD and many Linux distributions.
The vulnerabilities could pose a threat to the value of digital signatures, Tavis Ormandy of the Gentoo Linux security team wrote in an email interview on Friday. For example, a miscreant could add information to a security alert sent via email or forge the digital signature on software updates, said Ormandy, who discovered both flaws.
This poses a risk to those who use the open source cryptographic technology to authenticate email communications or digitally sign files and, even more so, to the recipients of those messages and users of the files.
Linux and Unix distributors, for example, often use GPG digital signatures in their security advisories so customers can verify the announcement is authentic, Ormandy wrote. The signatures are also used in some software updates these companies put out to ensure nobody has tampered with data, he said.
Ormandy wrote: "GnuPG is used in all sorts of ways to guarantee the authenticity of files and messages. Without the help of GPG, you can bet phoney advisories with advice to download malicious files would be a daily occurrence."
Systems used to distribute software updates that rely on GPG are likely to need fixing. Ormandy wrote: "It is likely that many software update systems - especially on Linux - rely on GPG and will require an update to prevent anyone malicious tampering with software repositories."
Fixes for the flaws are available from the GnuPG team. In addition, those who include the technology in their own products, such as Gentoo and Novell, have been pushing out updates for their products.
The most recent patch, GnuPG 1.4.2.2, was released on Thursday. It fixes a flaw that allowed unsigned data to be inserted into a digitally signed message without GnuPG reporting anything wrong: the signed portion still verified, so the whole message appeared authentic, according to a GnuPG security advisory.
Ormandy discovered this latest flaw while researching an earlier bug, fixed in GnuPG 1.4.2.1 on 15 February. That earlier flaw caused gpg and gpgv to return a success exit status for files whose signatures had not actually been verified, so automated signature checkers on file downloads that looked only at the exit code could consider a forged file safe, according to a Novell Suse Linux alert.
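What an automated checker should have been doing in both cases, as an added example that is not code from the article or from the GnuPG project: judge gpg's machine-readable status lines rather than its exit code, require a VALIDSIG line whose fingerprint is pinned, and verify detached signatures so the entire data file is what gets hashed. It assumes a gpg binary that supports --status-fd (GnuPG does); the status lines, fingerprint and key id below are constructed samples, not captured output or real keys.

```python
"""Check gpg's machine-readable status output instead of trusting its exit code.

Added example (not code from the article or from the GnuPG project). It assumes
an OpenPGP tool that supports --status-fd, which GnuPG does; the status lines,
fingerprint and key id below are constructed samples, not captured output.
"""
import subprocess
from dataclasses import dataclass, field

STATUS_PREFIX = "[GNUPG:] "

# Status tokens that mean a signature was seen but must not be accepted.
NEGATIVE_TOKENS = {"BADSIG", "ERRSIG", "NODATA", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}


@dataclass
class VerifyResult:
    ok: bool
    reason: str
    fingerprints: list = field(default_factory=list)


def check_status(status_text: str, exit_code: int, trusted_fprs: set) -> VerifyResult:
    """Accept only when gpg reports VALIDSIG for a fingerprint we pin.

    A success exit code without VALIDSIG is rejected: that is the shape of the
    February 2006 false-positive bug, where scripts that looked only at the
    exit status treated unverified files as signed.
    """
    valid = []
    negative = []
    for line in status_text.splitlines():
        if not line.startswith(STATUS_PREFIX):
            continue  # human-readable output, not a status line
        parts = line[len(STATUS_PREFIX):].split()
        if not parts:
            continue
        token = parts[0]
        if token == "VALIDSIG" and len(parts) > 1:
            valid.append(parts[1].upper())  # field after VALIDSIG is the signing key fingerprint
        elif token in NEGATIVE_TOKENS:
            negative.append(token)
    if negative:
        return VerifyResult(False, "negative status: " + ", ".join(negative), valid)
    if not valid:
        return VerifyResult(False, f"no VALIDSIG line (exit code {exit_code} ignored)", valid)
    untrusted = [f for f in valid if f not in trusted_fprs]
    if untrusted:
        return VerifyResult(False, "signed by unpinned key: " + ", ".join(untrusted), valid)
    if exit_code != 0:
        return VerifyResult(False, f"VALIDSIG present but gpg exited {exit_code}", valid)
    return VerifyResult(True, "valid signature from pinned key", valid)


def verify_detached(sig_path: str, data_path: str, trusted_fprs: set, gpg: str = "gpg") -> VerifyResult:
    """Run gpg on a *detached* signature and judge the result with check_status.

    With a detached signature the whole data file is what gets hashed, so there
    is no signed message for an attacker to splice unsigned plaintext into.
    """
    proc = subprocess.run(
        [gpg, "--batch", "--no-tty", "--status-fd", "1", "--verify", sig_path, data_path],
        capture_output=True, text=True,
    )
    return check_status(proc.stdout, proc.returncode, trusted_fprs)


# Constructed samples: invented fingerprint and key id, not real keys.
TRUSTED = {"0123456789ABCDEF0123456789ABCDEF01234567"}

STATUS_GOOD = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 89ABCDEF01234567 Example Release Key <release@example.invalid>\n"
    "[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2006-03-09 1141900800 0 4 0 17 2 00 "
    "0123456789ABCDEF0123456789ABCDEF01234567\n"
    "[GNUPG:] TRUST_ULTIMATE\n"
)
# Exit code 0 with no signature status at all: the case a naive checker gets wrong.
STATUS_SILENT = "gpg: (constructed non-status line, no signature was checked)\n"
STATUS_BAD = "[GNUPG:] BADSIG 89ABCDEF01234567 Example Release Key <release@example.invalid>\n"

if __name__ == "__main__":
    for name, text, code in [("good", STATUS_GOOD, 0), ("silent", STATUS_SILENT, 0), ("bad", STATUS_BAD, 1)]:
        r = check_status(text, code, TRUSTED)
        print(f"{name}: ok={r.ok} ({r.reason})")
```

The exit code is consulted last and only as a veto: it can downgrade a verdict but never upgrade one, which is the property the February flaw violated. Pinning fingerprints rather than key ids also closes the door on a lookalike key that happens to be in the keyring.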
There have been no reports of attacks that exploit the vulnerabilities. However, users of the vulnerable software should install the security updates soon, and anyone who verifies signatures from scripts should confirm that their tooling does not rely on gpg's exit status alone.
Joris Evers writes for CNET News.com
Copyright © 2008 CBS Interactive Limited. All rights reserved.