Blog | G5 Cyber Security

PGP: Identifying Message Recipients

TL;DR

Yes, it’s generally possible to identify all recipients of a PGP encrypted message if the sender doesn’t take specific precautions. The recipient list is often embedded in the message headers.

How Recipients Are Identified

When you send a PGP encrypted email, your email client typically adds information about who you encrypted the message for to the message itself. This isn’t part of the encryption; it’s metadata added before or after the encryption process.

Steps to Understand and Mitigate Recipient Identification

  1. Understanding the ‘To:’ Field: The most obvious way recipients are identified is through the To: field. Even with PGP, this field often remains visible in the unencrypted headers.
  2. Examining Message Headers: Recipient information can be found within the message headers, even if the body is encrypted. Tools like email clients (Thunderbird, Outlook) or command-line tools can display these headers.
    • Using Thunderbird: View > Headers > All
    • Command Line (print everything up to the first blank line, which ends the header block):
      sed '/^[[:space:]]*$/q' message.eml

      This will show the full headers, including recipient details.

  3. ‘X-PGP-Recipients’ Header: Many PGP implementations add an X-PGP-Recipients header that explicitly lists the email addresses of those who received a copy of the encrypted message.
    • This is often the key indicator.
  4. ‘Resent-From:’ Header: If someone forwards your encrypted email, they may add a Resent-From: header which can also reveal recipients if not handled correctly.
  5. Mitigation Strategies – BCC Equivalent: The best way to prevent recipient identification is to send individual, separately encrypted emails to each person.
    • This mimics the functionality of ‘BCC’ in regular email. Each message has only one intended recipient listed in the headers.
    • Most modern PGP clients allow you to select multiple recipients and encrypt a separate copy for each.
  6. Mitigation Strategies – Removing Headers: Some email clients offer options to strip headers before sending, but this isn’t always reliable and can break compatibility.
    • Be cautious when using header stripping as it may interfere with PGP functionality.
  7. Mitigation Strategies – Using a Mail Transfer Agent (MTA): Advanced users can configure an MTA to remove identifying headers before sending the email.
    • This requires technical expertise and careful configuration.
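
Beyond the mail headers covered in the steps above, a message encrypted once for several people also carries one Public-Key Encrypted Session Key (PKESK) packet per recipient key inside the OpenPGP payload, and each names that key's 64-bit ID (RFC 4880) unless the sender hid it. The Python below is an added example, not code from the original post: it walks a binary (de-armored) packet stream and lists those key IDs so you can check what a message discloses before sending it. The sample bytes, key IDs and helper names are constructed for illustration.

```python
# Added example: list the recipient key IDs carried inside an OpenPGP message.
# SAMPLE is constructed for illustration; it is not a real ciphertext.
PKESK_TAG = 1        # Public-Key Encrypted Session Key packet (RFC 4880, section 5.1)
HIDDEN = "00" * 8    # all-zero key ID: the recipient key is deliberately not named

def iter_packets(data):
    """Yield (tag, body) per packet; stop at a streamed (partial/indeterminate) one."""
    i = 0
    while i < len(data):
        hdr = data[i]
        i += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                      # new-format header
            tag, first = hdr & 0x3F, data[i]
            i += 1
            if first < 192:                 # one-octet length
                length = first
            elif first < 224:               # two-octet length
                length = ((first - 192) << 8) + data[i] + 192
                i += 1
            elif first == 255:              # five-octet length
                length = int.from_bytes(data[i:i + 4], "big")
                i += 4
            else:                           # partial body: encrypted data, PKESKs are done
                return
        else:                               # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:                  # indeterminate length
                return
            n = 1 << ltype                  # 1, 2 or 4 length octets
            length = int.from_bytes(data[i:i + n], "big")
            i += n
        yield tag, data[i:i + length]
        i += length

def recipient_key_ids(data):
    """Return the key ID (hex) of every version 3 PKESK packet, in message order."""
    return [body[1:9].hex().upper() for tag, body in iter_packets(data)
            if tag == PKESK_TAG and len(body) >= 9 and body[0] == 3]

def make_pkesk(key_id_hex, header=0xC1):
    """Constructed PKESK: 0xC1 is a new-format tag 1 header, 0x84 the old-format one."""
    body = b"\x03" + bytes.fromhex(key_id_hex) + b"\x01" + b"\x00\x08\xff"
    return bytes([header, len(body)]) + body

# Two named recipients, one hidden recipient, then a stub encrypted-data packet (tag 18).
SAMPLE = (make_pkesk("1122334455667788") + make_pkesk("A1B2C3D4E5F60718", 0x84)
          + make_pkesk(HIDDEN) + b"\xd2\x03\x01\xaa\xbb")

if __name__ == "__main__":
    print(recipient_key_ids(SAMPLE))
```

An all-zero key ID is what GnuPG writes when `--throw-keyids` or `--hidden-recipient` is used; `gpg --list-packets` shows the same fields for a real message.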

Important Considerations

Forwarding: If a recipient forwards your encrypted message, they may inadvertently reveal other recipients if the headers aren’t properly handled.

Email Client Behaviour: Different email clients handle PGP and headers differently. Test your setup thoroughly to understand how it behaves.

Cyber Security Best Practices: Always verify the authenticity of recipient public keys before encrypting sensitive information. Be aware that even with encryption, metadata can still reveal information about communication patterns.
