A Attack on E-Mail Encryption Protocols by Chosen Ciphertext Method

Several security protocols (PGP, PEM, MOSS, S/MIME, PKCS#7, CMS, etc.) have been developed to provide confidentiality and authentication of electronic mail. These protocols are widely used and trusted for private communication over the Internet. The authors point out a potentially serious security hole in these protocols: any encrypted message can be decrypted using a one-message, adaptive chosen-cipher text attack. Although such attacks have been formalized mainly for theoretical interest, they argue that they are feasible in the networked systems in which these email protocols are used.