Throughout the many arguments over encrypted communications, there has been at least one constant: the venerable tools for strong email encryption are trustworthy. That may no longer be true.

On Tuesday, well-credentialed cybersecurity researchers will detail what they call critical vulnerabilities in widely-used tools for applying PGP/GPG and S/MIME encryption. According to Sebastian Schinzel, a professor at the Münster University of Applied Sciences in Germany, the flaws could reveal the “plaintext” that email encryption is supposed to cover up—in both current and old emails.