Please use this identifier to cite or link to this item:
|Title:||Solving the content-type challenge of OTRmail extension||Authors:||See, Ghim Shen.||Keywords:||DRNTU::Engineering::Computer science and engineering::Data::Data encryption||Issue Date:||2012||Abstract:||Electronic mail has evolved and became a necessary mode of communication in this world today. To combat leak of sensitive information, cryptography is employed. Some of the most common cryptographic protocols used today are PGP (Pretty Good Protocol) and S/MIME (Secure Multipurpose Internet Mail Extension). Although these protocols provide decent cryptographic features like confidentiality and authentication, their keys and digital signatures are long lived. These features however, are undesirable in social communication. Conversely, OTR (Off-The-Record) protocols offers two desirable features suitable for social communication, they are: perfect forward secrecy and repudiation. Mozilla Thunderbird was chosen as the test bed for implementation due to a strong open source community support. In this project report, I will discuss the intricacies in developing such an Off-The-Record communication protocol through building a Mozilla Thunderbird extension addon called OTRmail. At present, there remains one problem left with OTRmail implementation. This happens whenever a sender requests an email to be sent. From our conjecture, it seems that Thunderbird always appends a default “Content-type” header: “text/plain” upon delivery of email to its recipients. Currently, OTRmail is able to encrypt the message however; it is unable to alter the “Content-type” header to its intended header “multipart/encrypted”. To solve this problem, one can adopt two approaches. The first approach is to use existing Mozilla Thunderbird documentation to amend the headers to the desired header while the second approach is to cross examine codes with similar extension add-ons. On the account of several failed attempts by preceding FYP students and a lack of Mozilla Thunderbird documentation to amend “Contenttype” headers, I was compelled to adopt the second approach to resolve this problem. Tapping on preceding FYP students’ findings, it is known that there is a Mozilla Thunderbird extension “Enigmail” that provides similar encryption capabilities using PGP/SMIME and is successful in altering the “Content-type” header. Unfortunately, there is no formal documentation on the implementation of “Enigmail” to help address this problem. This report thus focuses on providing proper documentation of Enigmail codes snippets relevant to modification of “Content-type” headers. With reference to “Enigmail” source code, there is a high possibility that a new extension other than OTRmail is required to be deployed to intercept and modify the “Content-type” header before relinquishing the program control flow back to Mozilla Thunderbird. This extension is still under construction and has been archived for further implementation.||URI:||http://hdl.handle.net/10356/49116||Rights:||Nanyang Technological University||Fulltext Permission:||restricted||Fulltext Availability:||With Fulltext|
|Appears in Collections:||SCSE Student Reports (FYP/IA/PA/PI)|
Page view(s) 50167
checked on Oct 26, 2020
checked on Oct 26, 2020
Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.