Amazon S3 Encryption Client for .NET Key Commitment Vulnerability
Vulnerability
A key commitment vulnerability has been identified in the Amazon S3 Encryption Client for .NET, affecting versions through 3.1.0. It allows a user with write access to an S3 bucket to replace the encrypted data key (EDK) with a rogue EDK whose data key decrypts the existing ciphertext, with a valid authentication tag, to a different plaintext. The issue arises when the EDK is stored in an 'Instruction File', a separate S3 object written beside the encrypted object, rather than in the object's own metadata: the instruction file can be overwritten independently of the ciphertext, which exposes the client to an 'Invisible Salamanders' attack. The content encryption mode used by the client (AES-GCM) is not key-committing: the authentication tag does not bind a ciphertext to a single key, so an attacker can construct a second data key under which the same ciphertext and tag still verify. Without a key commitment check, multiple EDKs can be associated with a single encrypted message and the client has no way to tell that the EDK it fetched is not the one the ciphertext was produced with, which can lead to the plaintext being misrepresented or exposed.
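To make the underlying cryptographic failure concrete, the following Go program is an added example; it is not code from the S3 Encryption Client, from AWS, or from the advisory. It builds one AES-GCM ciphertext and tag that the Go standard library accepts under two different 128-bit keys, decrypting to two different plaintexts. This is the core of the Invisible Salamanders construction: GHASH is linear in each ciphertext block, so a single block is solved for in GF(2^128) to make the tags under both keys coincide. The function names (salamander, gcmOpen, demo), keys, nonce and plaintext are all constructed for the demonstration; in the scenario described above, k2 plays the role of the data key inside the rogue EDK. It demonstrates the primitive only, not the client's data format or an end-to-end exploit.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// gf128 is an element of GF(2^128) in GCM's bit-reflected representation:
// hi holds bytes 0..7 of the block, lo holds bytes 8..15 (big-endian).
type gf128 struct{ hi, lo uint64 }

func toGF(b []byte) gf128 {
	return gf128{binary.BigEndian.Uint64(b[:8]), binary.BigEndian.Uint64(b[8:16])}
}

func (a gf128) bytes() []byte {
	out := make([]byte, 16)
	binary.BigEndian.PutUint64(out[:8], a.hi)
	binary.BigEndian.PutUint64(out[8:], a.lo)
	return out
}

func (a gf128) xor(b gf128) gf128 { return gf128{a.hi ^ b.hi, a.lo ^ b.lo} }

// gfMul is NIST SP 800-38D Algorithm 1: multiplication modulo
// x^128 + x^7 + x^2 + x + 1, where the leftmost bit of a block is x^0.
func gfMul(x, y gf128) gf128 {
	var z gf128
	v := y
	for i := 0; i < 128; i++ {
		var bit uint64
		if i < 64 {
			bit = (x.hi >> (63 - i)) & 1
		} else {
			bit = (x.lo >> (127 - i)) & 1
		}
		if bit == 1 {
			z = z.xor(v)
		}
		lsb := v.lo & 1
		v.lo = (v.lo >> 1) | (v.hi << 63)
		v.hi >>= 1
		if lsb == 1 {
			v.hi ^= 0xe100000000000000 // R = 11100001 || 0^120
		}
	}
	return z
}

// gfInv returns a^-1 = a^(2^128-2) (Fermat); exponent bits 1..127 are all set.
func gfInv(a gf128) gf128 {
	result := gf128{1 << 63, 0} // the element 1 in GCM bit order
	base := gfMul(a, a)         // a^2
	for i := 1; i < 128; i++ {
		result = gfMul(result, base)
		base = gfMul(base, base)
	}
	return result
}

// encBlock is a single raw AES block encryption.
func encBlock(key, in []byte) []byte {
	c, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, 16)
	c.Encrypt(out, in)
	return out
}

// ctrBlock is nonce || ctr (32-bit big-endian), as GCM uses for 96-bit nonces.
func ctrBlock(nonce []byte, ctr uint32) []byte {
	b := make([]byte, 16)
	copy(b, nonce)
	binary.BigEndian.PutUint32(b[12:], ctr)
	return b
}

// ghash runs GHASH_h over whole 16-byte blocks (the caller appends the length block).
func ghash(h gf128, blocks [][]byte) gf128 {
	var y gf128
	for _, b := range blocks {
		y = gfMul(y.xor(toGF(b)), h)
	}
	return y
}

// salamander produces ciphertext||tag that AES-GCM accepts under BOTH k1 and k2.
// plain (a whole number of blocks, at least two) is what k1 decrypts to, except
// that the final block is sacrificed: its ciphertext is solved for, so it opens
// to garbage under both keys. No AAD is used.
func salamander(k1, k2, nonce, plain []byte) []byte {
	if len(plain)%16 != 0 || len(plain) < 32 {
		panic("plain must be at least two full 16-byte blocks")
	}
	m := len(plain) / 16
	c := make([]byte, len(plain))
	for i := 0; i < m-1; i++ { // honest CTR encryption under k1, counters 2..m
		ks := encBlock(k1, ctrBlock(nonce, uint32(i+2)))
		for j := 0; j < 16; j++ {
			c[16*i+j] = plain[16*i+j] ^ ks[j]
		}
	}
	h1 := toGF(encBlock(k1, make([]byte, 16))) // hash subkeys H = E_k(0)
	h2 := toGF(encBlock(k2, make([]byte, 16)))
	p1 := toGF(encBlock(k1, ctrBlock(nonce, 1))) // tag masks E_k(J0)
	p2 := toGF(encBlock(k2, ctrBlock(nonce, 1)))
	lenBlock := make([]byte, 16) // [len(A)=0]_64 || [len(C) in bits]_64
	binary.BigEndian.PutUint64(lenBlock[8:], uint64(len(plain))*8)

	// Tag under key k is T_k = GHASH_Hk(C_1..C_m, L) xor P_k. GHASH is linear in
	// each block, C_i contributing C_i * H^(m+2-i), so the free block C_m has
	// coefficient H^2. With C_m still zero, S_k below is everything else.
	blocks := make([][]byte, 0, m+1)
	for i := 0; i < m; i++ {
		blocks = append(blocks, c[16*i:16*(i+1)]) // aliases c, so C_m updates below
	}
	blocks = append(blocks, lenBlock)
	s1 := ghash(h1, blocks)
	s2 := ghash(h2, blocks)
	// Solve S1 + C_m*H1^2 + P1 = S2 + C_m*H2^2 + P2 for C_m (GF(2^128) arithmetic):
	//   C_m = (S1 + S2 + P1 + P2) * (H1^2 + H2^2)^-1
	// The divisor is (H1+H2)^2, nonzero whenever the two keys give distinct H.
	num := s1.xor(s2).xor(p1).xor(p2)
	den := gfMul(h1, h1).xor(gfMul(h2, h2))
	copy(c[16*(m-1):], gfMul(num, gfInv(den)).bytes())

	tag := ghash(h1, blocks).xor(p1) // blocks[m-1] now holds the solved C_m
	return append(c, tag.bytes()...)
}

// gcmOpen decrypts with the standard library, exactly as a consumer would.
func gcmOpen(key, nonce, ctAndTag []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	g, err := cipher.NewGCM(blk)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, nonce, ctAndTag, nil)
}

// demo wires the pieces together with constructed keys, nonce and plaintext
// (none of them real) and returns what the same ciphertext opens to under each key.
func demo() (under1, under2 []byte, err error) {
	k1 := []byte("data-key-one-16B") // constructed 128-bit keys, not real EDK contents
	k2 := []byte("rogue-key-two-16")
	nonce := []byte("fixed-nonce!") // 12 bytes, fixed only for the demo
	plain := []byte("APPROVE: transfer $10 to Alice. padding-block---") // 48 bytes = 3 blocks
	ct := salamander(k1, k2, nonce, plain)
	if under1, err = gcmOpen(k1, nonce, ct); err != nil {
		return nil, nil, err
	}
	under2, err = gcmOpen(k2, nonce, ct)
	return under1, under2, err
}

func main() {
	p1, p2, err := demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("under k1: %q\n", p1[:32])
	fmt.Printf("under k2: %x\n", p2[:32])
	fmt.Println("same ciphertext, two valid keys:", !bytes.Equal(p1, p2))
}
```

The sacrificed block is the price of the collision: one ciphertext block in each plaintext is uncontrolled, which is why practical versions of the attack place it where the consuming parser ignores it. Only k1 and k2 are related by the construction; any third key is still rejected, so a reader that cannot verify which key the ciphertext was produced with has no way to notice the swap.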
Impact
Exploitation of this vulnerability could allow a malicious actor with write access to the bucket to substitute an EDK of their choosing, so that the same stored ciphertext authenticates and decrypts to a plaintext other than the one that was originally written, bypassing the integrity guarantee the client-side encryption was intended to provide.
Remediation
Users are advised to upgrade the Amazon S3 Encryption Client for .NET to version 3.2.0 or later, which addresses the issue. Releases are published on the project's GitHub releases page.
