The symmetric-key encryption used in Tutanota is vulnerable to ciphertext malleability (a.k.a. arbitrary bit rewriting), since they fail to authenticate their ciphertexts.
The symmetric-key encryption used in Tutanota is vulnerable to ciphertext malleability (a.k.a. arbitrary bit rewriting), since they fail to authenticate their ciphertexts.