Private Webmail 2.0

Ruoti, Scott; Andersen, Jeff; Hendershot, Travis; Zappala, Daniel; Seamons, Kent E.

doi:10.1145/2984511.2984580

Cited by 26 publications

(14 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, users do not notice this due to lacking feedback. Security-enhancing applications should use security constraints, distinctive UI for the security features [37,40], and provide security status feedback.…”

Section: Design Principle 3: Prevent Insecure Behaviourmentioning

confidence: 99%

“…Thirdly, the experts indicated that the applications did not clarify why users should use them. A simple and convincing explanation of benefits and risks can provide motivation [1,3,16,35,37,40].…”

Section: Design Principle 4: Explain the Intended Secure Behaviourmentioning

confidence: 99%

“…Once recipients receive the encrypted email, the social norm is to read it and reply. This social norm might be reinforced when the encrypted email is accompanied by a plaintext personal message of the sender like the PWM application did [37].…”

Section: Design Principle 5: Reduce Social Obstacles and Resistance A...mentioning

confidence: 99%

See 2 more Smart Citations

Design Principles for Actual Security

Brandon

Schraffenberger

Sluis-Thiescheffer

et al. 2022

Adjunct Proceedings of the 2022 Nordic Human-Computer Interaction Conference

View full text Add to dashboard Cite

The following full text is a publisher's version.For additional information about this publication click this link. https://repository.ubn.ru.nl/handle/2066/282746Please be advised that this information was generated on 2024-06-03 and may be subject to change. Article 25fa End User AgreementThis publication is distributed under the terms of Article 25fa of the Dutch Copyright Act. This article entitles the maker of a short scientific work funded either wholly or partially by Dutch public funds to make that work publicly available for no consideration following a reasonable period of time after the work was first published, provided that clear reference is made to the source of the first publication of the work.Research outputs of researchers employed by Dutch Universities that comply with the legal requirements of Article 25fa of the Dutch Copyright Act, are distributed online and free of cost or other barriers in institutional repositories. Research outputs are distributed six months after their first online publication in the original published version and with proper attribution to the source of the original publication.

show abstract

Section: Design Principle 3: Prevent Insecure Behaviourmentioning

confidence: 99%

Section: Design Principle 4: Explain the Intended Secure Behaviourmentioning

confidence: 99%

See 1 more Smart Citation

Design Principles for Actual Security

Brandon

Schraffenberger

Sluis-Thiescheffer

et al. 2022

Adjunct Proceedings of the 2022 Nordic Human-Computer Interaction Conference

View full text Add to dashboard Cite

show abstract

“…After participants completed their tasks or reached the 20 minute limit per client, they completed the System Usability Scale (SUS) [27], an industry-standard questionnaire also used in many similar studies [33][34][35][36], for the system they had just used. At the end of the study, participants completed 14 additional survey questions specific to our research, and a final free-form question requesting any comments.…”

Section: Usabilitymentioning

confidence: 99%

“…STEED [22] extends the IMAP standard to support transparent end-to-end encryption, but requires modified clients and servers, and does not address key management at all. Pwm [36] and Pwm 2.0 [34] attempt to make end-to-end encryption transparent by integrating with popular mail providers and relying on a third-party identity-based encryption (IBE) server to manage keys, but users authenticate to the IBE server via their email account which does not protect against compromised accounts. Confidante [24] leverages users' ubiquitous use of social media accounts to ease public key management and verification via a third-party service.…”

Section: Related Workmentioning

confidence: 99%

Why Joanie Can Encrypt

Koh

Bellovin

Nieh

2019

Proceedings of the Fourteenth EuroSys Conference 2019

View full text Add to dashboard Cite

Email privacy is of crucial importance. Existing email encryption approaches are comprehensive but seldom used due to their complexity and inconvenience. We take a new approach to simplify email encryption and improve its usability by implementing receiver-controlled encryption: newly received messages are transparently downloaded and encrypted to a locally-generated key; the original message is then replaced. To avoid the problem of moving a single private key between devices, we implement per-device key pairs: only public keys need be synchronized via a simple verification step. Compromising an email account or server only provides access to encrypted emails. We implemented this scheme on several platforms, showing it works with PGP and S/MIME, is compatible with widely used mail clients and email services including Gmail, has acceptable overhead, and that users consider it intuitive and easy to use.

show abstract

Private Cloud Storage: Client-Side Encryption and Usable Secure Utility Functions

Tachikawa

Kanaoka

2020

HCI for Cybersecurity, Privacy and Trust

View full text Add to dashboard Cite

Private Webmail 2.0

Cited by 26 publications

References 10 publications

Design Principles for Actual Security

Design Principles for Actual Security

Why Joanie Can Encrypt

Private Cloud Storage: Client-Side Encryption and Usable Secure Utility Functions

Contact Info

Product

Resources

About