I would like to report that we realized that even when sending an encrypted encrypted E-Mail between two Thunderbird instances, AEAD is not used in the S/MIME encryption, even though it seems to be supported by NSS. Instead the legacy CBC mode encryption, known to subject to all kind of manipulation attacks, is used.
- Falko
MTG
AG
Dr. Falko Strenzke
Executive System Architect
Phone: +49
6151 8000 24
E-Mail: falko.s...@mtg.de
Web: mtg.de
MTG Exhibitions – See you in 2023
MTG
AG - Dolivostr. 11 - 64293 Darmstadt, Germany
Commercial register: HRB 8901
Register Court: Amtsgericht Darmstadt
Management Board: Jürgen Ruf (CEO), Tamer Kemeröz
Chairman of the Supervisory Board: Dr. Thomas Milde
This email may contain confidential and/or privileged
information. If you are not the correct recipient or have
received this email in error,
please inform the sender immediately and delete this
email. Unauthorised copying or distribution of this email
is not permitted.
Data protection information: Privacy policy