Balancing Security and Usability in Encrypted Email

End-to-end encryption is the best way to protect digital messages. Historically, end-to-end encryption has been extremely difficult for people to use, but recent tools have made it more broadly accessible, largely by employing key-directory services. These services sacrifice some security properties...

Full description

Saved in:
Bibliographic Details
Published in:IEEE internet computing 2017-05, Vol.21 (3), p.30-38
Main Authors: Wei Bai, Doowon Kim, Namara, Moses, Yichen Qian, Kelley, Patrick Gage, Mazurek, Michelle L.
Format: Article
Language:English
Subjects:
Computer security
Digital communication
Encryption
human factors
Internet/Web technologies
Privacy
Public key
public policy
security and privacy
Usability
usable security
Citations: Items that this one cites
Items that cite this one
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:End-to-end encryption is the best way to protect digital messages. Historically, end-to-end encryption has been extremely difficult for people to use, but recent tools have made it more broadly accessible, largely by employing key-directory services. These services sacrifice some security properties for convenience. The authors wanted to understand how average users think about these tradeoffs. They conducted a 52-person user study and found that participants could learn to understand properties of different encryption models. Users also made coherent assessments about when different tradeoffs might be appropriate. Participants recognized that the less-convenient exchange model was more secure overall, but considered the registration model's security sufficient for most everyday purposes.
ISSN:1089-7801
1941-0131
DOI:10.1109/MIC.2017.57