New research has disclosed what’s being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm.
“The [Office 365 Message Encryption] messages are encrypted in insecure Electronic Codebook (ECB) mode of operation,” Finnish cybersecurity company WithSecure said in a report published last week.
Office 365 Message Encryption (OME) is a security mechanism used to send and receive encrypted email messages between users inside and outside an organization without revealing anything about the communications themselves.
A consequence of the newly disclosed issue is that rogue third-parties gaining access to the encrypted email messages may be able to decipher the messages, effectively breaking confidentiality protections.
Electronic Codebook is one of the simplest modes of encryption wherein each message block is encoded separately by a key, meaning identical plaintext blocks will be transposed into identical ciphertext blocks, making it unsuitable as a cryptographic protocol.
Indeed, the U.S. National Institute of Standards and Technology (NIST) pointed out earlier this year that “ECB mode encrypts plaintext blocks independently, without randomization; therefore, the inspection of any two ciphertext blocks reveals whether or not the corresponding plaintext blocks are equal.”
That said, the shortcoming identified by WithSecure doesn’t relate to the decryption of a single message per se, but rather banks on analyzing a stash of encrypted stolen mails for such leaky patterns and subsequently decoding the contents.
“An attacker with a large database of messages may infer their content (or parts of it) by analyzing relative locations of repeated sections of the intercepted messages,” the company said.
The findings add to growing concerns that encrypted information previously exfiltrated may be decrypted and exploited for attacks in the future, a threat called “hack now, decrypt later,” fueling the need to switch to quantum-resistant algorithms.
Microsoft, for its part, considers OME as a legacy system, with the company recommending customers to use a data governance platform called Purview to secure emails and documents via encryption and access controls.
“Even though both versions can coexist, we highly recommend that you edit your old mail flow rules that use the rule action Apply the previous version of OME to use Microsoft Purview Message Encryption,” Redmond notes in its documentation.
“Since Microsoft has no plans to fix this vulnerability the only mitigation is to avoid using Microsoft Office 365 Message Encryption,” WithSecure said.