PGP ADK Exploit
Unauthorized administrative keys can be inserted into an unsuspecting certificate. When the compromised certificate is imported by a user, subsequent encrypted files will be exposed to decryption by the holder of the unauthorized ADK Private Key.
Exploit Details
Name: PGP ADK Exploit
Versions: PGP 5.5.x through PGP 6.5.3
Protocols/Services: Encryption
Written by: Travis Mander
Protocol Description
The term protocol here does not use the conventional definition of protocol that is used when discussing computers. Instead of message protocols, such as those used on the Internet, the term protocol here relates to Cryptographic Protocols. These protocols help manage the logical keys used in a cryptosystem. The cryptosystem is an ...
Get Hackers Beware now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.