Solving the content-type challenge of OTRmail extension
Electronic mail has evolved and became a necessary mode of communication in this world today. To combat leak of sensitive information, cryptography is employed. Some of the most common cryptographic protocols used today are PGP (Pretty Good Protocol) and S/MIME (Secure Multipurpose Internet...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2012
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/49116 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-49116 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-491162023-03-03T20:48:22Z Solving the content-type challenge of OTRmail extension See, Ghim Shen. Woo Wing Keong School of Computer Engineering DRNTU::Engineering::Computer science and engineering::Data::Data encryption Electronic mail has evolved and became a necessary mode of communication in this world today. To combat leak of sensitive information, cryptography is employed. Some of the most common cryptographic protocols used today are PGP (Pretty Good Protocol) and S/MIME (Secure Multipurpose Internet Mail Extension). Although these protocols provide decent cryptographic features like confidentiality and authentication, their keys and digital signatures are long lived. These features however, are undesirable in social communication. Conversely, OTR (Off-The-Record) protocols offers two desirable features suitable for social communication, they are: perfect forward secrecy and repudiation. Mozilla Thunderbird was chosen as the test bed for implementation due to a strong open source community support. In this project report, I will discuss the intricacies in developing such an Off-The-Record communication protocol through building a Mozilla Thunderbird extension addon called OTRmail. At present, there remains one problem left with OTRmail implementation. This happens whenever a sender requests an email to be sent. From our conjecture, it seems that Thunderbird always appends a default “Content-type” header: “text/plain” upon delivery of email to its recipients. Currently, OTRmail is able to encrypt the message however; it is unable to alter the “Content-type” header to its intended header “multipart/encrypted”. To solve this problem, one can adopt two approaches. The first approach is to use existing Mozilla Thunderbird documentation to amend the headers to the desired header while the second approach is to cross examine codes with similar extension add-ons. On the account of several failed attempts by preceding FYP students and a lack of Mozilla Thunderbird documentation to amend “Contenttype” headers, I was compelled to adopt the second approach to resolve this problem. Tapping on preceding FYP students’ findings, it is known that there is a Mozilla Thunderbird extension “Enigmail” that provides similar encryption capabilities using PGP/SMIME and is successful in altering the “Content-type” header. Unfortunately, there is no formal documentation on the implementation of “Enigmail” to help address this problem. This report thus focuses on providing proper documentation of Enigmail codes snippets relevant to modification of “Content-type” headers. With reference to “Enigmail” source code, there is a high possibility that a new extension other than OTRmail is required to be deployed to intercept and modify the “Content-type” header before relinquishing the program control flow back to Mozilla Thunderbird. This extension is still under construction and has been archived for further implementation. Bachelor of Engineering (Computer Engineering) 2012-05-15T02:28:37Z 2012-05-15T02:28:37Z 2012 2012 Final Year Project (FYP) http://hdl.handle.net/10356/49116 en Nanyang Technological University 65 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Computer science and engineering::Data::Data encryption |
| spellingShingle |
DRNTU::Engineering::Computer science and engineering::Data::Data encryption See, Ghim Shen. Solving the content-type challenge of OTRmail extension |
| description |
Electronic mail has evolved and became a necessary mode of communication in this world today.
To combat leak of sensitive information, cryptography is employed. Some of the most common
cryptographic protocols used today are PGP (Pretty Good Protocol) and S/MIME (Secure
Multipurpose Internet Mail Extension). Although these protocols provide decent cryptographic
features like confidentiality and authentication, their keys and digital signatures are long lived.
These features however, are undesirable in social communication.
Conversely, OTR (Off-The-Record) protocols offers two desirable features suitable for social
communication, they are: perfect forward secrecy and repudiation.
Mozilla Thunderbird was chosen as the test bed for implementation due to a strong open source
community support. In this project report, I will discuss the intricacies in developing such an
Off-The-Record communication protocol through building a Mozilla Thunderbird extension addon
called OTRmail.
At present, there remains one problem left with OTRmail implementation. This happens
whenever a sender requests an email to be sent. From our conjecture, it seems that Thunderbird
always appends a default “Content-type” header: “text/plain” upon delivery of email to its
recipients. Currently, OTRmail is able to encrypt the message however; it is unable to alter the
“Content-type” header to its intended header “multipart/encrypted”. To solve this problem, one
can adopt two approaches. The first approach is to use existing Mozilla Thunderbird
documentation to amend the headers to the desired header while the second approach is to cross
examine codes with similar extension add-ons. On the account of several failed attempts by
preceding FYP students and a lack of Mozilla Thunderbird documentation to amend “Contenttype”
headers, I was compelled to adopt the second approach to resolve this problem.
Tapping on preceding FYP students’ findings, it is known that there is a Mozilla Thunderbird
extension “Enigmail” that provides similar encryption capabilities using PGP/SMIME and is
successful in altering the “Content-type” header. Unfortunately, there is no formal
documentation on the implementation of “Enigmail” to help address this problem. This report
thus focuses on providing proper documentation of Enigmail codes snippets relevant to
modification of “Content-type” headers.
With reference to “Enigmail” source code, there is a high possibility that a new extension other
than OTRmail is required to be deployed to intercept and modify the “Content-type” header
before relinquishing the program control flow back to Mozilla Thunderbird. This extension is
still under construction and has been archived for further implementation. |
| author2 |
Woo Wing Keong |
| author_facet |
Woo Wing Keong See, Ghim Shen. |
| format |
Final Year Project |
| author |
See, Ghim Shen. |
| author_sort |
See, Ghim Shen. |
| title |
Solving the content-type challenge of OTRmail extension |
| title_short |
Solving the content-type challenge of OTRmail extension |
| title_full |
Solving the content-type challenge of OTRmail extension |
| title_fullStr |
Solving the content-type challenge of OTRmail extension |
| title_full_unstemmed |
Solving the content-type challenge of OTRmail extension |
| title_sort |
solving the content-type challenge of otrmail extension |
| publishDate |
2012 |
| url |
http://hdl.handle.net/10356/49116 |
| _version_ |
1759854390517170176 |