Design and development of OTRmail security engine for thunderbird
Electronic mail has become an important mode of communication, thus security and privacy of correspondence has become an increasing concern. It is also noted that emails which are sent in clear are easily eavesdropped by intermediate nodes forwarding the emails. To overcome this issue, secure email...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2010
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/39907 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-39907 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-399072023-03-03T20:34:22Z Design and development of OTRmail security engine for thunderbird Wang, Derong Woo Wing Keong School of Computer Engineering Centre for Multimedia and Network Technology DRNTU::Engineering::Computer science and engineering::Data::Data encryption Electronic mail has become an important mode of communication, thus security and privacy of correspondence has become an increasing concern. It is also noted that emails which are sent in clear are easily eavesdropped by intermediate nodes forwarding the emails. To overcome this issue, secure email solutions are being used. Currently, secure email solutions use either Secure/Multipurpose Internet Mail Extension (S/MIME), Pretty Good Privacy (PGP) or OpenPGP protocols. These protocols are not suitable for personal communication as they use long-lived encryption keys, digital signatures and complex key distributions. Hence, the use of Off-The-Record Mail (OTRmail) protocol is suggested. Not only does the OTRmail handles the key distribution for the users, it also provides perfect forward secrecy and repudiability, which is ideal for casual personal communication. However, the protocol had only been implemented using Java as a proof of concept. In order to garner wider public acceptance, an extension to Mozilla Thunderbird to enable support of the OTRmail protocol was developed. The development of the extension is divided into two parts, namely the graphical user interface (GUI) and the XPCOM components as the security engine. This project focused mainly on the engine component of the extension while a prototype GUI was created for the purpose of testing the engine. In this report, the OTRmail protocol design and the cryptographic algorithms used are introduced. The Mozilla extension API (Gecko) and the Network Security Services (NSS) are covered in detail. The design and implementation of both the engine and GUI are also discussed in detail along with the extension file structure and the necessary files to create this Mozilla extension. Essential information about the OTRmail security engine, which has been successfully developed and thoroughly tested, is provided. This report will serve as a guide for developers either in using the security engine in their extension or in improving the security engine capabilities. Bachelor of Engineering (Computer Engineering) 2010-06-08T01:24:25Z 2010-06-08T01:24:25Z 2010 2010 Final Year Project (FYP) http://hdl.handle.net/10356/39907 en Nanyang Technological University 72 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Computer science and engineering::Data::Data encryption |
| spellingShingle |
DRNTU::Engineering::Computer science and engineering::Data::Data encryption Wang, Derong Design and development of OTRmail security engine for thunderbird |
| description |
Electronic mail has become an important mode of communication, thus security and privacy of correspondence has become an increasing concern. It is also noted that emails which are sent in clear are easily eavesdropped by intermediate nodes forwarding the emails. To overcome this issue, secure email solutions are being used. Currently, secure email solutions use either Secure/Multipurpose Internet Mail Extension (S/MIME), Pretty Good Privacy (PGP) or OpenPGP protocols. These protocols are not suitable for personal communication as they use long-lived encryption keys, digital signatures and complex key distributions. Hence, the use of Off-The-Record Mail (OTRmail) protocol is suggested.
Not only does the OTRmail handles the key distribution for the users, it also provides perfect forward secrecy and repudiability, which is ideal for casual personal communication. However, the protocol had only been implemented using Java as a proof of concept. In order to garner wider public acceptance, an extension to Mozilla Thunderbird to enable support of the OTRmail protocol was developed.
The development of the extension is divided into two parts, namely the graphical user interface (GUI) and the XPCOM components as the security engine. This project focused mainly on the engine component of the extension while a prototype GUI was created for the purpose of testing the engine.
In this report, the OTRmail protocol design and the cryptographic algorithms used are introduced. The Mozilla extension API (Gecko) and the Network Security Services (NSS) are covered in detail. The design and implementation of both the engine and GUI are also discussed in detail along with the extension file structure and the necessary files to create this Mozilla extension.
Essential information about the OTRmail security engine, which has been successfully developed and thoroughly tested, is provided. This report will serve as a guide for developers either in using the security engine in their extension or in improving the security engine capabilities. |
| author2 |
Woo Wing Keong |
| author_facet |
Woo Wing Keong Wang, Derong |
| format |
Final Year Project |
| author |
Wang, Derong |
| author_sort |
Wang, Derong |
| title |
Design and development of OTRmail security engine for thunderbird |
| title_short |
Design and development of OTRmail security engine for thunderbird |
| title_full |
Design and development of OTRmail security engine for thunderbird |
| title_fullStr |
Design and development of OTRmail security engine for thunderbird |
| title_full_unstemmed |
Design and development of OTRmail security engine for thunderbird |
| title_sort |
design and development of otrmail security engine for thunderbird |
| publishDate |
2010 |
| url |
http://hdl.handle.net/10356/39907 |
| _version_ |
1759856138763894784 |