Action Needed! Helping Users Find and Complete the Authentication Ceremony in Signal

The security guarantees of secure messaging applications are contingent upon users performing an authentication ceremony, which typically involves verifying the fingerprints of encryption keys. However, recent lab studies have shown that users are unable to do this without being told in advance about the ceremony and its importance. A recent study showed that even with this instruction, the time it takes users to find and complete the ceremony is excessively long—about 11 minutes. To remedy these problems, we modified Signal to include prompts for the ceremony and also simplified the ceremony itself. To gauge the effect of these changes, we conducted a between-subjects user study involving 30 pairs of participants. Our study methodology includes no user training and only a small performance bonus to encourage the secure behavior. Our results show that users are able to both find and complete the ceremony more quickly in our new version of Signal. Despite these improvements, many users are still unsure or confused about the purpose of the authentication ceremony. We discuss the need for better risk communication and methods to promote trust.
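The abstract says the end-to-end security guarantee depends on users comparing key fingerprints. The following added example (not code from the paper or from Signal) shows why: each party derives a short, order-independent fingerprint from the two public keys in the conversation, and the ceremony succeeds only when both parties see the same string. The fingerprint scheme here (SHA-256 rendered as decimal digit groups) is an illustrative stand-in, not Signal's actual safety-number algorithm, and all key values are constructed placeholders.

```python
import hashlib

# Illustrative fingerprint derivation: NOT Signal's real safety-number format.
# Assumption: public keys are opaque byte strings; constructed values are used below.
def fingerprint(material: bytes, digits: int = 30) -> str:
    """Render SHA-256(material) as a fixed-length string of decimal digit groups."""
    number = int.from_bytes(hashlib.sha256(material).digest(), "big")
    text = str(number).zfill(digits)[:digits]          # always exactly `digits` characters
    return " ".join(text[i:i + 5] for i in range(0, digits, 5))


def pairwise_fingerprint(key_a: bytes, key_b: bytes) -> str:
    """Fingerprint of a conversation, computed identically regardless of which side computes it."""
    first, second = sorted([key_a, key_b])             # canonical ordering => both parties agree
    return fingerprint(first + second)


def ceremony_passes(shown_to_alice: str, shown_to_bob: str) -> bool:
    """The authentication ceremony: both users compare the string shown on their own screen."""
    return shown_to_alice == shown_to_bob


def simulate() -> dict:
    """Two scenarios: honest key exchange, and one where the delivery server
    substituted its own keys. Returns whether the ceremony passes in each case."""
    alice_pub = b"constructed-alice-public-key"
    bob_pub = b"constructed-bob-public-key"
    # Constructed attacker keys: what Alice was given "for Bob" and what Bob was given "for Alice".
    substituted_for_bob = b"constructed-attacker-key-1"
    substituted_for_alice = b"constructed-attacker-key-2"

    # Honest case: Alice holds (alice_pub, bob_pub) and so does Bob.
    honest = ceremony_passes(
        pairwise_fingerprint(alice_pub, bob_pub),
        pairwise_fingerprint(bob_pub, alice_pub),
    )
    # Substitution case: each side holds its own key plus an attacker key, so the
    # strings differ and the ceremony fails. This is exactly the check the ceremony exists for.
    substituted = ceremony_passes(
        pairwise_fingerprint(alice_pub, substituted_for_bob),
        pairwise_fingerprint(substituted_for_alice, bob_pub),
    )
    return {"honest": honest, "substituted": substituted}


if __name__ == "__main__":
    for name, passed in simulate().items():
        print(f"{name}: ceremony {'passes' if passed else 'FAILS'}")
```

The point the example makes is that the comparison is only meaningful if it happens out of band and before sensitive content is exchanged; the abstract's finding that users need prompting to locate and perform this comparison is what motivates the paper's modified Signal build.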
