SenseMail ver.1.7 is out

We have released a new version of SenseMail with One-Time Certificates

What is a One-Time Certificate (OTC)?
Well, the answer is simple – it is a 256-bit key that is used only once. As we have written before, there are a plenty of advantages in using OTC and one minor drawback – to start using OTC you need to get both devices together to exchange the keys.
In return for that effort you get the maximum level of protection and an option to expire a message. Set the expiration time for a key and no one would be able to recover the message that was protected by that key. A better alternative to the “plausible deniability”.

How to use OTC?

  • Get two devices together. The exchange will be made via a peer-to-peer connection.

  • Add your correspondent to the app's address book.

  • Tap “Exchange one-time certs”

  • One device is used to generate the certificates, the other device will receive them. So tap “I will be a generator” on one device and “I will be a receiver” on the other.

  • On the “generator” device enter the email addresses of the sender and a receiver and tap “Generate”

  • The app will ask you to tap on the screen to collect random data. Since you need to create a 100 certificates, the more taps you make the better. If you tap less than 3200 times, the rest of the data will be obtained from the device's built-in secure random number generator. Anyway it won't accept less than 100 taps.

  • When finished tap “Done” and wait until “Transmission started...” appears indicating that the generator has finished processing the certificates and is ready to send them

  • At the same time the “generator” device will appear in the list of peers on the “receiver” device – tap it

  • On the “generator” device allow the connection and the exchange will start. Usually it takes about one second to exchange the keys

  • After confirmation of successful exchange you can use OTC. If something went wrong the certificates wouldn't be saved

  • Write a new message. Tap “Send” and the OTC page will be opened asking you to use a certificate. You can set an expiration date for that OTC. After that date on the first run of the app the certificate will be deleted and the message will become unreadable. Please note, that if you don't run the SenseMail app, the expired certificates won't be deleted

  • The other changes include:

  • Added "What's new" page showing on the first run and a button to call it from the menu

  • Added fetch and send a read receipt request

  • Added high/normal priority for a message. A blue/red dot to the right of the sender's address

  • Added "search important"

  • Code checked against OWASP (The Mobile Application Security Verification Standard) requirements

  • Added a list of all OTCs with a delete and resend options

  • Set an option for maximum protection for the local storage of settings, certificates etc. It won't appear in a system's backup

  • Set an option for maximum network protection. Any resource loaded through insecure connection will be blocked

  • Fixed save cert to overwrite it before delete

  • Fixed new messages count retrieval for a folder

  • Added total messages count for a folder

  • Fixed unseen count change for a folder

  • Added rename folder on long press

  • Forced change http to https while loading a full email

  • Added "Expire OTC now" button to the message actions

  • Stay tuned!

    Let's Get In Touch!

    Have any questions about our products? Or do you need something special? That's great! Send us an email and we will get back to you as soon as possible!

    © CreepyTwo Labs Ltd.
    Developed by CreepyTwo Labs.