Amazon S3 Encryption Client for Go Key Commitment Vulnerability

A key commitment vulnerability has been identified in the Amazon S3 Encryption Client for Go, specifically in versions through 3.1.0. This vulnerability allows a user with write access to an S3 bucket to replace the encrypted data key (EDK) with a rogue key that decrypts to a different plaintext. This issue arises when the EDK is stored in an 'Instruction File' rather than in S3's metadata, exposing it to an 'Invisible Salamanders' attack. The lack of key commitment means that a single ciphertext could be decrypted into multiple plaintexts using different keys, potentially leading to unauthorized access to sensitive data.

Impact

Exploitation of this vulnerability could allow for the unauthorized replacement of an encrypted data key, leading to the decryption of encrypted messages using a rogue key, and potentially allowing access to sensitive information that was not intended to be disclosed.

Remediation

Users are advised to upgrade the Amazon S3 Encryption Client for Go to version 4.0.0 or later, where this vulnerability has been addressed by introducing key commitment, ensuring that the EDK is cryptographically bound to the ciphertext. Instructions for upgrading can be found in the migration guide from version 3.x to 4.x.