An Inconvenient Trust: User Attitudes toward Security and Usability Tradeoffs for Key-Directory Encryption Systems

Many critical communications now take place digitally, but recent revelations demonstrate that these communications can often be intercepted. To achieve true message privacy, users need end-to-end message encryption, in which the communications service provider is not able to decrypt the content. Historically, end-to-end encryption has proven extremely difficult for people to use correctly, but recently tools like Apple’s iMessage and Google’s End-to-End have made it more broadly accessible by using key-directory services. These tools (and others like them) sacrifice some security properties for convenience, which alarms some security experts, but little is known about how average users evaluate these tradeoffs. In a 52-person interview study, we asked participants to complete encryption tasks using both a traditional key-exchange model and a key-directory-based registration model. We also described the security properties of each (varying the order of presentation) and asked participants for their opinions. We found that participants understood the two models well and made coherent assessments about when different tradeoffs might be appropriate. Our participants recognized that the less-convenient exchange model was more secure overall, but found the security of the registration model to be “good enough” for many everyday purposes.
