The objective of the ISM was to study, implement, and test the secutity vulnerabilities found in email clients who support two major email end-to-end encryption: OpenPGP and S/MIME.
We followed a paper recently published on the same topic. The paper outlined the attacks that can be carried out on the the email clients supporting S/MIME and OpenPGP.
- Paper 1: Mailto: Me Your Secrets. On Bugs and Features in Email End-to-End Encryption Link: https://www.nds.ruhr-uni-bochum.de/media/nds/veroeffentlichungen/2020/08/15/mailto-paper.pdf
Please view Email_Final_Report.pdf for our ISM's final report.
- For decrypting oracle (second attack), the version of Enigmail was 2.1.6