{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:15:56Z","timestamp":1763507756199,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":45,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,10,30]],"date-time":"2020-10-30T00:00:00Z","timestamp":1604016000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,10,30]]},"DOI":"10.1145\/3372297.3417878","type":"proceedings-article","created":{"date-parts":[[2021,3,4]],"date-time":"2021-03-04T16:21:21Z","timestamp":1614874881000},"page":"1647-1664","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Mitigation of Attacks on Email End-to-End Encryption"],"prefix":"10.1145","author":[{"given":"J\u00f6rg","family":"Schwenk","sequence":"first","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marcus","family":"Brinkmann","sequence":"additional","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Damian","family":"Poddebniak","sequence":"additional","affiliation":[{"name":"M\u00fcnster University of Applied Sciences, M\u00fcnster, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jens","family":"M\u00fcller","sequence":"additional","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Juraj","family":"Somorovsky","sequence":"additional","affiliation":[{"name":"Paderborn University, Paderborn, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sebastian","family":"Schinzel","sequence":"additional","affiliation":[{"name":"M\u00fcnster University of Applied Sciences, M\u00fcnster, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,11,2]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"P. Arntz. 2014. The RTLO method. https:\/\/blog.malwarebytes.com\/cybercrime\/2014\/01\/the-rtlo-method\/  P. Arntz. 2014. The RTLO method. https:\/\/blog.malwarebytes.com\/cybercrime\/2014\/01\/the-rtlo-method\/"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"crossref","unstructured":"A. Barth. 2011. The Web Origin Concept. http:\/\/tools.ietf.org\/rfc\/rfc6454.txt RFC6454.  A. Barth. 2011. The Web Origin Concept. http:\/\/tools.ietf.org\/rfc\/rfc6454.txt RFC6454.","DOI":"10.17487\/rfc6454"},{"key":"e_1_3_2_1_3_1","unstructured":"Adam Barth and Dan Boneth. 2005. Correcting Privacy Violations in Blind-Carbon-Copy (BCC) Encrypted Email. https:\/\/crypto.stanford.edu\/portia\/papers\/bb-bcc.pdf  Adam Barth and Dan Boneth. 2005. Correcting Privacy Violations in Blind-Carbon-Copy (BCC) Encrypted Email. https:\/\/crypto.stanford.edu\/portia\/papers\/bb-bcc.pdf"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-008-9026-x"},{"volume-title":"Efail: HTML Mails have no Security Concept and are to blame. https:\/\/blog.hboeck.de\/archives\/894-Efail-HTML-Mails-have-no-Security-Concept-and-are-to-blame.html","year":"2018","author":"B\u00f6ck H.","key":"e_1_3_2_1_5_1"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"crossref","unstructured":"L. Cailleux and C. Bonatti. 2015. Securing Header Fields with S\/MIME. http:\/\/tools.ietf.org\/rfc\/rfc7508.txt RFC7508.  L. Cailleux and C. Bonatti. 2015. Securing Header Fields with S\/MIME. http:\/\/tools.ietf.org\/rfc\/rfc7508.txt RFC7508.","DOI":"10.17487\/RFC7508"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"J. Callas L. Donnerhacke H. Finney D. Shaw and R. Thayer. 2007. OpenPGP Message Format. http:\/\/tools.ietf.org\/rfc\/rfc4880.txt RFC4880.  J. Callas L. Donnerhacke H. Finney D. Shaw and R. Thayer. 2007. OpenPGP Message Format. http:\/\/tools.ietf.org\/rfc\/rfc4880.txt RFC4880.","DOI":"10.17487\/rfc4880"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","unstructured":"D. Crocker. 1982. STANDARD FOR THE FORMAT OF ARPA INTERNET TEXT MESSAGES. http:\/\/tools.ietf.org\/rfc\/rfc0822.txt RFC0822.  D. Crocker. 1982. STANDARD FOR THE FORMAT OF ARPA INTERNET TEXT MESSAGES. http:\/\/tools.ietf.org\/rfc\/rfc0822.txt RFC0822.","DOI":"10.17487\/rfc0822"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"D. Crocker T. Hansen and M. Kucherawy. 2011. DomainKeys Identified Mail (DKIM) Signatures. http:\/\/tools.ietf.org\/rfc\/rfc6376.txt RFC6376.  D. Crocker T. Hansen and M. Kucherawy. 2011. DomainKeys Identified Mail (DKIM) Signatures. http:\/\/tools.ietf.org\/rfc\/rfc6376.txt RFC6376.","DOI":"10.17487\/rfc6376"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/647055.715781"},{"volume-title":"Kelvin Yiu, and Magnus Nystr\u00f6m.","year":"2012","author":"Eastlake Donald","key":"e_1_3_2_1_11_1"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"M. Elkins D. Del Torto R. Levien and T. Roessler. 2001. MIME Security with OpenPGP. http:\/\/tools.ietf.org\/rfc\/rfc3156.txt RFC3156.  M. Elkins D. Del Torto R. Levien and T. Roessler. 2001. MIME Security with OpenPGP. http:\/\/tools.ietf.org\/rfc\/rfc3156.txt RFC3156.","DOI":"10.17487\/rfc3156"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"crossref","unstructured":"N. Freed and N. Borenstein. 1996 a. Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies. http:\/\/tools.ietf.org\/rfc\/rfc2045.txt RFC2045.  N. Freed and N. Borenstein. 1996 a. Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies. http:\/\/tools.ietf.org\/rfc\/rfc2045.txt RFC2045.","DOI":"10.17487\/rfc2045"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"N. Freed and N. Borenstein. 1996 b. Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types. http:\/\/tools.ietf.org\/rfc\/rfc2046.txt RFC2046.  N. Freed and N. Borenstein. 1996 b. Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types. http:\/\/tools.ietf.org\/rfc\/rfc2046.txt RFC2046.","DOI":"10.17487\/rfc2046"},{"volume-title":"Proceedings of the Annual Symposium on Information Assurance and Secure Knowledge Management.","year":"2012","author":"Fry Ann","key":"e_1_3_2_1_15_1"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1073001.1073003"},{"key":"e_1_3_2_1_17_1","unstructured":"Mario Heiderich N. Krein D. Wei\u00dfer F. F\u00e4\u00dfler N. Kobeissi A. Inf\u00fchr Hong and J. Magazinius. 2017. Pentest-Report Thunderbird & Enigmail. https:\/\/cure53.de\/pentest-report_thunderbird-enigmail.pdf.  Mario Heiderich N. Krein D. Wei\u00dfer F. F\u00e4\u00dfler N. Kobeissi A. Inf\u00fchr Hong and J. Magazinius. 2017. Pentest-Report Thunderbird & Enigmail. https:\/\/cure53.de\/pentest-report_thunderbird-enigmail.pdf."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"R. Housley. 2009. Cryptographic Message Syntax (CMS). http:\/\/tools.ietf.org\/rfc\/rfc5652.txt RFC5652.  R. Housley. 2009. Cryptographic Message Syntax (CMS). http:\/\/tools.ietf.org\/rfc\/rfc5652.txt RFC5652.","DOI":"10.17487\/rfc5652"},{"key":"e_1_3_2_1_19_1","unstructured":"International Organization for Standardization ISO. 2008. ISO 32000--1:2008 Document Management -- Portable Document Format -- Part 1: PDF 1.7.  International Organization for Standardization ISO. 2008. ISO 32000--1:2008 Document Management -- Portable Document Format -- Part 1: PDF 1.7."},{"volume-title":"One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography. In Network and Distributed System Security Symposium (NDSS).","year":"2013","author":"Jager Tibor","key":"e_1_3_2_1_20_1"},{"volume-title":"How To Break XML Encryption. In The 18th ACM Conference on Computer and Communications Security (CCS).","year":"2011","author":"Jager Tibor","key":"e_1_3_2_1_21_1"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the 9th Conference on USENIX Security Symposium -","volume":"9","author":"Katz Jonathan","year":"2000"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"crossref","unstructured":"S. Kent and R. Atkinson. 1998. IP Encapsulating Security Payload (ESP). http:\/\/tools.ietf.org\/rfc\/rfc2406.txt RFC2406.  S. Kent and R. Atkinson. 1998. IP Encapsulating Security Payload (ESP). http:\/\/tools.ietf.org\/rfc\/rfc2406.txt RFC2406.","DOI":"10.17487\/rfc2406"},{"key":"e_1_3_2_1_24_1","unstructured":"Vlastimil Kl\u00edma and Tom\u00e1s Rosa. 2002. Attack on Private Signature Keys of the OpenPGP format PGP programs and other applications compatible with OpenPGP.  Vlastimil Kl\u00edma and Tom\u00e1s Rosa. 2002. Attack on Private Signature Keys of the OpenPGP format PGP programs and other applications compatible with OpenPGP."},{"key":"e_1_3_2_1_25_1","unstructured":"W. Koch B. Carlson R. Tse D. Atkins and D. Gillmor. 2019. OpenPGP Message Format draft-ietf-openpgp-rfc4880bis-08. https:\/\/tools.ietf.org\/html\/draft-ietf-openpgp-rfc4880bis-08.  W. Koch B. Carlson R. Tse D. Atkins and D. Gillmor. 2019. OpenPGP Message Format draft-ietf-openpgp-rfc4880bis-08. https:\/\/tools.ietf.org\/html\/draft-ietf-openpgp-rfc4880bis-08."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"D. Levi and J. Schoenwaelder. 2001. Definitions of Managed Objects for the Delegation of Management Scripts. http:\/\/tools.ietf.org\/rfc\/rfc3165.txt RFC3165.  D. Levi and J. Schoenwaelder. 2001. Definitions of Managed Objects for the Delegation of Management Scripts. http:\/\/tools.ietf.org\/rfc\/rfc3165.txt RFC3165.","DOI":"10.17487\/rfc3165"},{"key":"e_1_3_2_1_27_1","unstructured":"Jonas Magazinius. 2015. OpenPGP SEIP downgrade attack. http:\/\/www.metzdowd.com\/pipermail\/cryptography\/2015-October\/026685.html.  Jonas Magazinius. 2015. OpenPGP SEIP downgrade attack. http:\/\/www.metzdowd.com\/pipermail\/cryptography\/2015-October\/026685.html."},{"volume-title":"28th USENIX Security Symposium, USENIX Security","year":"2019","author":"Jens M\u00fc","key":"e_1_3_2_1_29_1"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354214"},{"volume-title":"Re: What's Up Johnny? -- Covert Content Attacks on Email End-to-End Encryption. https:\/\/arxiv.org\/ftp\/arxiv\/papers\/1904\/1904.07550.pdf.","year":"2019","author":"M\u00fcller Jens","key":"e_1_3_2_1_31_1"},{"key":"e_1_3_2_1_32_1","unstructured":"Trevor Perrin. 2002. OpenPGP security analysis. https:\/\/www.ietf.org\/mail-archive\/web\/openpgp\/current\/msg02909.html.  Trevor Perrin. 2002. OpenPGP security analysis. https:\/\/www.ietf.org\/mail-archive\/web\/openpgp\/current\/msg02909.html."},{"volume-title":"27th USENIX Security Symposium, USENIX Security 2018","year":"2018","author":"Poddebniak Damian","key":"e_1_3_2_1_33_1"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"crossref","unstructured":"J. Postel. 1980. DoD standard Transmission Control Protocol. http:\/\/tools.ietf.org\/rfc\/rfc0761.txt RFC0761.  J. Postel. 1980. DoD standard Transmission Control Protocol. http:\/\/tools.ietf.org\/rfc\/rfc0761.txt RFC0761.","DOI":"10.17487\/rfc0761"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"crossref","unstructured":"B. Ramsdell and S. Turner. 2010. Secure\/Multipurpose Internet Mail Extensions (S\/MIME) Version 3.2 Message Specification. http:\/\/tools.ietf.org\/rfc\/rfc5751.txt RFC5751.  B. Ramsdell and S. Turner. 2010. Secure\/Multipurpose Internet Mail Extensions (S\/MIME) Version 3.2 Message Specification. http:\/\/tools.ietf.org\/rfc\/rfc5751.txt RFC5751.","DOI":"10.17487\/rfc5751"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"P. Resnick. 2001. Internet Message Format. http:\/\/tools.ietf.org\/rfc\/rfc2822.txt RFC2822.  P. Resnick. 2001. Internet Message Format. http:\/\/tools.ietf.org\/rfc\/rfc2822.txt RFC2822.","DOI":"10.17487\/rfc2822"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"crossref","unstructured":"P. Resnick. 2008. Internet Message Format. http:\/\/tools.ietf.org\/rfc\/rfc5322.txt RFC5322.  P. Resnick. 2008. Internet Message Format. http:\/\/tools.ietf.org\/rfc\/rfc5322.txt RFC5322.","DOI":"10.17487\/rfc5322"},{"volume-title":"Authenticated-Encryption With Associated-Data. In ACM CCS 2002: 9th Conference on Computer and Communications Security, Vijayalakshmi Atluri (Ed.). ACM Press","year":"2002","author":"Rogaway Phillip","key":"e_1_3_2_1_38_1"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3313761"},{"volume-title":"Seamons","year":"2015","author":"Ruoti Scott","key":"e_1_3_2_1_40_1"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"crossref","unstructured":"J. Schaad B. Ramsdell and S. Turner. 2019. Secure\/Multipurpose Internet Mail Extensions (S\/MIME) Version 4.0 Message Specification. https:\/\/tools.ietf.org\/html\/rfc8551 RFC8551.  J. Schaad B. Ramsdell and S. Turner. 2019. Secure\/Multipurpose Internet Mail Extensions (S\/MIME) Version 4.0 Message Specification. https:\/\/tools.ietf.org\/html\/rfc8551 RFC8551.","DOI":"10.17487\/RFC8551"},{"volume-title":"Proceedings of the 6th Symposium on Usable Privacy and Security (SOUPS '06)","author":"Sheng S.","key":"e_1_3_2_1_42_1"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SERVICES.2012.6"},{"volume-title":"Safety Guide for Journalists -- a Handbook for Reporters in High-Risk Environments","author":"United Nations Educational Scientific and Cultural Organization and Reporters Without Borders. 2016.","key":"e_1_3_2_1_44_1"},{"key":"e_1_3_2_1_45_1","unstructured":"Alma Whitten and J Doug Tygar. [n.d.]. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0.  Alma Whitten and J Doug Tygar. [n.d.]. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0."},{"volume":"8","volume-title":"Proceedings of the 8th Conference on USENIX Security Symposium -","author":"Whitten Alma","key":"e_1_3_2_1_46_1"}],"event":{"name":"CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Virtual Event USA","acronym":"CCS '20"},"container-title":["Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372297.3417878","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3372297.3417878","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:01:31Z","timestamp":1750197691000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372297.3417878"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,10,30]]},"references-count":45,"alternative-id":["10.1145\/3372297.3417878","10.1145\/3372297"],"URL":"https:\/\/doi.org\/10.1145\/3372297.3417878","relation":{},"subject":[],"published":{"date-parts":[[2020,10,30]]},"assertion":[{"value":"2020-11-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}